Independent of the authentication method used (e.g. local user, Google Identity, or OIDC/SAML federation), roles are available to govern access to the ProsperOps Console.
Each user must be assigned to one of the following three roles:
This role grants read-only access to the ProsperOps Console, with the exception of the User Management and Billing sections, which are not accessible.
This role grants Viewer permissions plus the ability to add new AWS Organizations and configure AWS Account access. The User Management and Billing sections are not accessible.
This role grants full access to the ProsperOps Console, including the ability to view and manage users and billing.
Note: Companies configured for OIDC/SAML federation will manage users and role membership via their corporate directory so the User Management section of the ProsperOps Console is disabled, regardless of role.