# RBAC | Roles and permissions

PerfectScale provides detailed permission control to keep operations secure and organized. There are three user roles: Admin, Power User, and Read-Only, each with different access levels.

{% hint style="info" %}
The customers who have access to the DoiT Kubernetes Lens also have access to their PerfectScale tenant with an [**Admin role**](https://docs.perfectscale.io/administration/rbac-or-roles-and-permissions).
{% endhint %}

## Roles

### Admin

This role is assigned by default to the first user who creates the account. Admin has full access to all system features, including user management, cluster settings, policy configuration, and platform customization.

### Power User

This role is assigned by the account Admin. Power Users can configure workload policies and customization profiles. However, they cannot manage users or cluster settings.

### Read-Only

Users with the Read-Only role can only access and view the account and cannot make any configuration changes.

### **Weekly report receiver**

This role is automatically assigned alongside the Admin role and allows users to receive the PerfectScale weekly report.

## Permissions matrix <a href="#id-3.-new-permissions-matrix" id="id-3.-new-permissions-matrix"></a>

| Feature                                    | Admin | Power User | Read-Only |
| ------------------------------------------ | ----- | ---------- | --------- |
| **Organization settings - Workspace**      | ✅     | ❌          | ❌         |
| **Organization settings** - **My account** | ✅     | ✅          | ✅         |
| **Invite  new user**                       | ✅     | ❌          | ❌         |
| **Read Access**                            | ✅     | ✅          | ✅         |
| **Disconnect cluster**                     | ✅     | ❌          | ❌         |
| **Add cluster**                            | ✅     | ✅          | ❌         |
| **Edit cluster**                           | ✅     | ✅          | ❌         |
| **Modify cluster policy**                  | ✅     | ✅          | ❌         |
| **Modify cluster policy window**           | ✅     | ✅          | ❌         |
| **Modify workload policy**                 | ✅     | ✅          | ❌         |
| **Modify workload policy window**          | ✅     | ✅          | ❌         |
| **Mute/Unmute workload**                   | ✅     | ✅          | ❌         |
| **Create/Delete Jira ticket**              | ✅     | ✅          | ❌         |
| **View profile settings**                  | ✅     | ✅          | ❌         |
| **Edit profile settings**                  | ✅     | ✅          | ❌         |
| **Assign profile to a cluster**            | ✅     | ✅          | ❌         |
| **Configure automation via UI**            | ✅     | ❌          | ❌         |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.perfectscale.io/administration/rbac-or-roles-and-permissions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.