mirror of
https://github.com/Infisical/infisical.git
synced 2025-03-29 22:02:57 +00:00
22 lines
1.6 KiB
Plaintext
22 lines
1.6 KiB
Plaintext
---
|
|
title: "Additional Privileges"
|
|
description: "Learn how to add specific privileges on top of predefined roles."
|
|
---
|
|
|
|
Even though Infisical supports full-fledged [role-base access controls](./role-based-access-controls) with ability to set predefined permissions for user and machine identities, it is sometimes desired to set additional privileges for specific user or machine identities on top of their roles.
|
|
|
|
Infisical **Additional Privileges** functionality enables specific permissions with access to sensitive secrets/folders by identities within certain projects. It is possible to set up additional privileges through Web UI or API.
|
|
|
|
To provision specific privileges through Web UI:
|
|
1. Click on the `Edit` button next to the set of roles for user or identities.
|
|
|
|
|
|
2. Click `Add Additional Privileges` in the corresponding section of the permission management modal.
|
|
|
|
|
|
3. Fill out the necessary parameters in the privilege entry that appears. It is possible to specify the `Environment` and `Secret Path` to which you want to enable access.
|
|
It is also possible to define the range of permissions (`View`, `Create`, `Modify`, `Delete`) as well as how long the access should last (e.g., permanent or timed).
|
|
|
|
|
|
4. Click the `Save` button to enable the additional privilege.
|
|
 |