Many permissions in cloudtamer.io are governed by permission roles and permission schemes. A permission role is a role you can create, such as Admin, that will be assigned individual permissions using a permission scheme.
A permission role can be used in multiple permission schemes for multiple objects (including OUs, projects, funding sources, and globally). For example, the permission role below, External Contractor, is applied to two different OU permission schemes.
The Default OU Permission Scheme:
and the Permissions Scheme For Top Secret OUs:
In both of these permission schemes, the External Contractor role only has Browse permissions, but in the Default OU Permission Scheme, more roles have the Manage permission.
You can learn more about permission schemes in the What are Permission Schemes? article. More information about individual permissions is available in the Permissions article, and you can learn how to map users to permissions in the Map Users and User Groups article.