In TrueFoundry, are organized around the following key resources that help manage the entire organization’s resources effectively.
Tenant/Organization level permissions
Resource | Default Permissions |
---|
Environments | View All Environments |
Users | View All Users |
Teams | View All Teams |
Integrations | View All Integrations |
Git Integrations | View All Git Integrations |
Clusters | View All Clusters |
Resource | Default Permissions |
---|
Environments | View All Environments |
Users | View All Users |
Teams | View All Teams |
Integrations | View All Integrations |
Git Integrations | View All Git Integrations |
Clusters | View All Clusters |
Resource | Default Permissions |
---|
Environments | Manage All Environments |
Settings | Manage All Settings |
Users | Manage All Users |
Teams | Manage All Teams |
Virtual Accounts | Manage All Virtual Accounts |
Integrations | Manage All Integrations |
Git Integrations | Manage All Git Integrations |
Policys | Manage All Policies |
Clusters | Manage All Clusters |
Workspaces | Manage All Workspaces |
Applications | Manage All Applications |
ML Repositories | Manage All ML Repositories |
Secret Groups | Manage All Secret Groups |
Audit Logs | View All Audit Logs |
Settings | Manage All Settings |
AI Gateway Models | Manage All Models |
MCP Server Integrations | Manage All MCP Server Integrations |
AI Gateway Configs | Manage All Configs |
Resource level permissions
AWS, Azure, GCP, JFrog, AI Models, MCP Servers are all provider accounts.Permissions | Provider Account Access | Provider Account Manager |
---|
View Provider Account | | |
Update Provider Account | | |
Manage Collaborators | | |
Use All Integrations | | |
Only Tenant Admins can create/delete a provider account. You can also define overrides for Access
permission for each Integration.
AWS, Azure, GCP, JFrog, AI Models, MCP Servers are all provider accounts.Permissions | Provider Account Access | Provider Account Manager |
---|
View Provider Account | | |
Update Provider Account | | |
Manage Collaborators | | |
Use All Integrations | | |
Only Tenant Admins can create/delete a provider account. You can also define overrides for Access
permission for each Integration.
Permissions | Cluster Viewer | Cluster Member | Cluster Admin |
---|
View Cluster | | | |
Update Cluster | | | |
Delete Cluster | | | |
Manage Collaborators | | | |
Create Workspace | | | |
Only Tenant Admins can create a cluster.
Permissions | Workspace Viewer | Workspace Editor | Workspace Admin |
---|
View Workspace | | | |
Update Workspace | | | |
Delete Workspace | | | |
Manage Collaborators | | | |
Add/Update/Delete Applications | | | |
Permissions | Project Viewer | Project Editor | Project Admin |
---|
View ML Repository/Project | | | |
Update ML Repository/Project | | | |
Delete ML Repository/Project | | | |
Manage Collaborators | | | |
View Runs/Artifacts/Models/Traces/Prompts | | | |
Add/Update Runs/Artifacts/Models/Traces/Prompts | | | |
Delete Runs/Artifacts/Models/Traces/Prompts | | | |
Any member with Access
permission to any Blob storage integration can create a ML Repository/Project.
Permissions | Secret Group Viewer | Secret Group Editor | Secret Group Admin |
---|
View Secret Group | | | |
Update Secret Group | | | |
Delete Secret Group | | | |
Manage Collaborators | | | |
View Secrets | | | |
Add/Update/Delete Secrets | | | |
Read Secret Value | | | |
Any member with Access
permission to any Secret storage integration can create a Secret Group.