Access groups and roles in Pega Robot Manager
Pega Robot Manager provides a set of template access groups, each with a unique set of access roles that grant specific permissions to Robot Manager users.
Use the sample access groups for reference or a starting point for configuring your own Robot Manager-specific access groups that you tailor to your business needs and security best practices. For example, you can allow Robot Manager managers to view DevOps pipelines and initiate deployments to other environments.Default access groups
The following out-of-the-box access groups provide a sample proposal for various job functions that you can fulfill in Robot Manager.
Default access groups in Pega Robot Manager
Access group | Function | Access roles |
PegaRobotManager:Administrators | Enables all types of actions in Dev Studio and the Robot Manager portal. This access group is the superuser account. | |
PegaRobotManager:Services | Grants agents, job schedulers, and batch operations access to Robot Manager resources, without providing a direct access to the portal. | |
PegaRobotManager:Developer | Provides access to Dev Studio in client applications that are built on top of Robot Manager, for example, to build cases. | |
PegaRobotManager:RobotDevelopers | Provides rights for publishing automation packages to Robot Manager. | |
PegaRobotManager:RuntimeUser | Provides indirect access to Robot Manager to download automation packages and get assignments. Robot Runtime users are unattended robots that process assignments from robotic work queues. | |
PegaRobotManager:Assistants | Provides case workers (for example, CSRs) who are assisted by attended robots with permissions to fetch automation packages from Robot Manager. | |
PegaRobotManager:RPAServices | Provides access rights for granting unattended robots access to Robot Manager so that the robots can download automation packages and complete work assignments. | |
PegaRobotManager:Authors | Provides rights for creating and managing the following Robot Manager content types:
| |
PegaRobotManager:Users | Enables accessing Robot Manager content created by authors, such as reports, dashboards, and spaces. | |
PegaRobotManager:Managers | Enables the following actions:
| |
PegaRobotManager:UserAdmin | Enables managing users and departments. | |
PegaRobotManager:DeploymentManagers | Enables viewing deployment pipelines in the Robot Manager portal and triggering deployment of the Pega Robot Manager application with the associated artifacts to another environment. |
Access groups in the Pega Robot Manager portal
When you add users in the Pega Robot Manager portal, you associate users with a role that directly corresponds to an access group, as configured by the system administrator in Dev Studio. The following figure shows the relationship between the two entries:
Default access roles
Pega Robot Manager contains a set of out-of-the-box access roles. By removing or adding access roles in an access group, you restrict or grant user access to various Robot Manager areas, based on their responsibilities.
Robot Manager has the following predefined access roles:
- AutomationPackageManagement:Admin
- Administrators can perform all actions in Robot Manager. Only administrators can deploy packages to the Production deployment level.
- AutomationPackageManagement:Developer
- Developers can publish and manage automation packages.
- AutomationPackageManagement:UserAdmin
- User admins can manage Robot Runtime users and the organizational hierarchy.
- AutomationPackageManagement:RuntimeUser
- Robot Runtime users cannot log in to Robot Manager. Robot Runtime users are typically case workers who fetch their automation package assignment from Robot Manager.
- PegaRobotManager:RobotAdmin
- Robot administrators can administer unattended robots.
- PegaRobotManager:ReportAdmin
- Report administrators can view, create, edit, and delete custom reports. They can also view and delete the out-of-the-box reports or change their titles. Report administrators can also archive and remove operational data that is collected for reporting purposes.
- PegaRobotManager:ReportWriter
- Report writers can view, create, edit and delete custom reports. They can also view the out-of-the-box reports.
- PegaRobotManager:ReportUser
- Report users can view custom and out-of-the-box reports.
- PegaRobotManager:DevOps
- DevOps users can view deployment pipelines in the Robot Manager portal and initiate deployment of the Robot Manager application with the associated artifacts to another environment.
- PegaRobotManager:SpacesManager
- Space managers can creating new spaces as well as view and collaborate in existing spaces.
- PegaRobotManager:SpacesUser
- Space users can view and collaborate in existing spaces.
Previous topic Managing access privileges Next topic Creating custom access groups for Pega Robot Manager users