Links

Docker roles and permissions

This document describes the permission levels each RBAC role has within the Portainer application for both Docker Standalone and Docker Swarm environments. Refer to the linked notes for further requirements on each operation.
Role-Based Access Control is only available in Portainer Business Edition.

Legend

Abbreviation
Role name
EA
Environment Administrator
OP
Operator
HD
Helpdesk
ST
Standard user
RO
Read-only user

Roles and permissions

Templates

Operation
EA
OP
HD
ST
RO
Notes
View app templates
Deploy app templates
View custom templates
1
Create custom templates
Deploy custom templates
1
Edit custom templates
1
Change custom template ownership
1
Delete custom template
1

Stacks

Access to these operations can be affected by the Disable the use of Stacks for non-administrators security setting (Docker, Swarm).
Operation
EA
OP
HD
ST
RO
Notes
View stacks
1
Create a stack
3
Edit a stack
1
View stack details
1
Change stack ownership
1
Stop a stack
1
Start a stack
1
Duplicate a stack
1
Migrate a stack
1
Create template from a stack
1
Update service in stack
1, 2
Remove service from stack
1, 2
Delete a stack
1

Services

These operations are only relevant for Docker Swarm environments.
Operation
EA
OP
HD
ST
RO
Notes
View services
1
Create service
3.5
View service details
1
Edit service
1, 3.5
Update service
1
Roll back service
1
View service logs
1
Change service ownership
1
Delete service
1

Containers

Operation
EA
OP
HD
ST
RO
Notes
View containers
1
Create container
3
Build an image from a container
1
View container details
1
Start container
1
Stop container
1
Kill container
1
Restart container
1
Pause container
1
Resume container
1
Edit container
1, 3
Duplicate container
1, 3
Recreate container
1, 3
Container console
1
Container attach
1
Join container to network
1
Remove container from network
1
View container logs
1
Change container ownership
1
Delete container
1

Images

Operation
EA
OP
HD
ST
RO
Notes
View images
Pull an image
Push an image
Build an image
Import an image
View image details
Add tag to image
Remove tag from image
Export image
Delete an image

Volumes

Operation
EA
OP
HD
ST
RO
Notes
View volumes
1
Create a volume
View volume details
1
Browse a volume
1, 4
Change volume ownership
1
Delete a volume
1

Networks

Operation
EA
OP
HD
ST
RO
Notes
View networks
1
Create a network
View network details
1
Change network ownership
1
Delete a network
1

Events

These operations are only relevant for Docker Standalone environments.
Operation
EA
OP
HD
ST
RO
Notes
View events

Configs

These operations are only relevant for Docker Swarm environments.
Operation
EA
OP
HD
ST
RO
Notes
View configs
1
Create a config
View config details
1
Clone a config
1
Change config ownership
1
Delete a config
1

Secrets

These operations are only relevant for Docker Swarm environments.
Operation
EA
OP
HD
ST
RO
Notes
View secrets
1
Create a secret
View secret details
1
Change secret ownership
1
Delete a secret
1

Host

These operations are only relevant for Docker Standalone environments.
Operation
EA
OP
HD
ST
RO
Notes
View host details

Swarm

These operations are only relevant for Docker Swarm environments.