Add and Manage Access Control
Harness provides Role-Based Access Control (RBAC) that enables you to control user and group access to Harness Resources according to their Role assignment.
This topic describes how to add and manage access control for Feature Flags.
Before You Begin
Review Feature Flags Roles and Permissions
The following pre-defined default Role is available for Feature Flags:
- Feature Flag Manage Role: Can create new feature flags and also edit and view existing feature flags
Default Roles | Scope | Permissions | |
Feature Flag Manage Role | Project/Environment |
| ![]() |
- If you have permissions at the Project level, you can edit flags within that project or its environments.
- If you have permissions for the specific environment, then the Role is limited within the environment only.
Step: Manage Feature Flag Access Control
- In Feature Flags, in Project Setup, click Access Control.
- Click Users and then New User to add a new user. See Add and Manage Users.
- Click User Groups and then New User Group to add a new user group. See Add and Manage User Groups.
- Click Resource Groups and then New Resource Group to add a new resource group. See Add and Manage Resource Groups.
- Click Roles and then New Role to add a new role. See Add and Manage Roles.
Access Control Examples in Feature Flags
The following are some of the example scenarios where-in you can use RBAC to manage access for your users:
Example 1: Read-only Role in all the Environments
Users with a read-only role for all the Environments can view all the flags in the environment, but cannot create or edit any flag.
Example 2: Edit Role in a Specific Environment
Users with Feature Flag Manage
Example 3: Manager Role that can edit flags in all envs, but not create flags