From d52643b3eb3c94a41cbee1d369e63446965aa78e Mon Sep 17 00:00:00 2001 From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com> Date: Thu, 7 Mar 2024 17:47:54 -0500 Subject: [PATCH] Add OS updates to permissions table (#17384) - Maintainers and up can edit OS udpates --- docs/Using Fleet/manage-access.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/docs/Using Fleet/manage-access.md b/docs/Using Fleet/manage-access.md index 6638fdb8b8..c073b1a6f9 100644 --- a/docs/Using Fleet/manage-access.md +++ b/docs/Using Fleet/manage-access.md @@ -60,7 +60,7 @@ GitOps is an API-only and write-only role that can be used on CI/CD pipelines. | Create, edit, and delete policies for all hosts assigned to team\* | | | ✅ | ✅ | ✅ | | Manage [policy automations](https://fleetdm.com/docs/using-fleet/automations#policy-automations) | | | | ✅ | ✅ | | Create, edit, view, and delete users | | | | ✅ | | -| Add and remove team users\* | | | | ✅ | ✅ | +| Add and remove team users\* | | | | ✅ | ✅ | | Create, edit, and delete teams\* | | | | ✅ | ✅ | | Create, edit, and delete [enroll secrets](https://fleetdm.com/docs/deploying/faq#when-do-i-need-to-deploy-a-new-enroll-secret-to-my-hosts) | | | ✅ | ✅ | ✅ | | Create, edit, and delete [enroll secrets for teams](https://fleetdm.com/docs/using-fleet/rest-api#get-enroll-secrets-for-a-team)\* | | | ✅ | ✅ | | @@ -77,9 +77,10 @@ GitOps is an API-only and write-only role that can be used on CI/CD pipelines. | View Apple business manager (BM) information | | | | ✅ | | | Generate Apple mobile device management (MDM) certificate signing request (CSR) | | | | ✅ | | | View disk encryption key for macOS and Windows hosts | ✅ | ✅ | ✅ | ✅ | | -| Create edit and delete configuration profiles for macOS and Windows hosts | | | ✅ | ✅ | ✅ | -| Execute MDM commands on macOS and Windows hosts\** | | | ✅ | ✅ | | -| View results of MDM commands executed on macOS and Windows hosts\** | ✅ | ✅ | ✅ | ✅ | | +| Edit OS updates for macOS and Windows hosts | | | ✅ | ✅ | ✅ | +| Create edit and delete configuration profiles for macOS and Windows hosts | | | ✅ | ✅ | ✅ | +| Execute MDM commands on macOS and Windows hosts\** | | | ✅ | ✅ | | +| View results of MDM commands executed on macOS and Windows hosts\** | ✅ | ✅ | ✅ | ✅ | | | Edit [MDM settings](https://fleetdm.com/docs/using-fleet/mdm-macos-settings) | | | | ✅ | ✅ | | Edit [MDM settings for teams](https://fleetdm.com/docs/using-fleet/mdm-macos-settings) | | | | ✅ | ✅ | | Upload an EULA file for MDM automatic enrollment\* | | | | ✅ | | @@ -137,7 +138,7 @@ Users with access to multiple teams can be assigned different roles for each tea | Filter hosts using policies | ✅ | ✅ | ✅ | ✅ | | | Create, edit, and delete team policies | | | ✅ | ✅ | ✅ | | Manage [policy automations](https://fleetdm.com/docs/using-fleet/automations#policy-automations) | | | | ✅ | ✅ | -| Add and remove team users | | | | ✅ | ✅ | +| Add and remove team users | | | | ✅ | ✅ | | Edit team name | | | | ✅ | ✅ | | Create, edit, and delete [team enroll secrets](https://fleetdm.com/docs/using-fleet/rest-api#get-enroll-secrets-for-a-team) | | | ✅ | ✅ | | | Read organization settings\* | ✅ | ✅ | ✅ | ✅ | | @@ -145,6 +146,7 @@ Users with access to multiple teams can be assigned different roles for each tea | Edit [agent options](https://fleetdm.com/docs/using-fleet/configuration-files#agent-options) | | | | ✅ | ✅ | | Initiate [file carving](https://fleetdm.com/docs/using-fleet/rest-api#file-carving) | | | ✅ | ✅ | | | View disk encryption key for macOS hosts | ✅ | ✅ | ✅ | ✅ | | +| Edit OS updates for macOS and Windows hosts | | | ✅ | ✅ | ✅ | | Create edit and delete configuration profiles for macOS and Windows hosts | | | ✅ | ✅ | ✅ | | Execute MDM commands on macOS and Windows hosts* | | | ✅ | ✅ | | | View results of MDM commands executed on macOS and Windows hosts* | ✅ | ✅ | ✅ | ✅ | |