C3 Agentic AI Platform Built-in Roles
This topic aims to clarify the specific functions and responsibilities assigned to these roles, facilitating informed role assignment decisions within the platform's role-based access control (RBAC) system.
The C3 Agentic AI Platform includes several predefined roles, each with distinct permissions and intended for specific user types or personas within an organization. Understanding these roles and their associated personas helps effectively delegate responsibilities and access rights.
Cluster admin (C3.ClusterAdmin)
The C3.ClusterAdmin has extensive control over the Cluster Type. This role can start, stop, and manage environments within a cluster. The C3.ClusterAdmin role can also run actions like Cluster.restartEnvs, Cluster.startEnv, and Cluster.summary which are critical for maintaining the cluster's overall health and performance.
- Capabilities: Manages all actions of a cluster except for creating or deleting clusters. Can upgrade clusters, start/stop environments, create new environments, and remove environments.
- Key permissions: Permissions for cluster-wide actions, environment management, and potentially sensitive operations like
Cluster.forceTerminateEnvById. - Typical persona: IT Infrastructure Manager or System Administrator responsible for overseeing and maintaining the platform's core infrastructure.
Environment admin (C3.EnvAdmin)
This role manages specific environments within a cluster, as indicated by functions like Cluster.stopEnvById and Cluster.resumeEnvById in the Cluster Type. However, its control is limited to the assigned environment rather than the entire cluster.
- Capabilities: Manages all actions of the assigned environment, including stopping, resuming, deleting, and upgrading environments.
- Key permissions: Environment-specific management permissions, including the ability to stop, resume, and terminate environments.
- Typical persona: Environment Manager or DevOps Engineer tasked with managing specific development, testing, or production environments within the C3 Agentic AI Platform.
Application admin (C3.AppAdmin)
The C3.AppAdmin has comprehensive control over application management within an environment. This includes actions like restart, App.stopCloudServices, and App.terminateCloudServices which are crucial for application lifecycle management.
- Capabilities: Granted full permissions to manage all actions of the assigned application within an environment.
- Key permissions: Full administrative rights over applications, including the ability to manage cloud services and configure application settings.
- Typical persona: Application Manager or Lead Developer who needs to oversee application deployment, configuration, and lifecycle within a specific environment.
Developer (C3.Developer)
The C3.Developer develops, tests, and deploys applications on the C3 Agentic AI Platform.
- Capabilities: Manages actions related to provisioning infrastructure, deploying applications, and managing the lifecycle of cloud resources.
- Key permissions: Access to extended C3 AI Console capabilities, tools and utilities for developers, and configuration objects.
- Typical persona: Software engineer or application developer who builds, tests, and deploys C3 AI applications.
User admin (UserAdmin)
As the role primarily focuses on user management, its interactions with Cluster and App Types are limited. However, it plays a crucial role in maintaining the security and integrity of the C3 Agentic AI Platform by managing user access and roles.
- Capabilities: Focuses on managing users, including creating users, adding new users, and changing user roles.
- Typical persona: HR Manager or IT Security Personnel responsible for managing platform access for employees, ensuring users have appropriate access as per their job functions.
Role assignment considerations
When assigning these roles, it is crucial to consider the individual's responsibilities within the organization. For instance, a Cluster Administrator should be someone with extensive knowledge of the C3 Agentic AI Platform's infrastructure, whereas a User Administrator should be well-versed in organizational policies and user management.
The built-in roles in the C3 Agentic AI Platform are designed to cater to a variety of operational and development needs within an organization. Assigning these roles requires a careful evaluation of the individual's job function and responsibilities. By aligning roles with the appropriate personas, organizations can ensure efficient and secure operations, maintaining a balance between accessibility and control within the platform's RBAC framework.