# User roles

A role is a set of permissions that allows a user to perform operations with DoubleCloud resources.

There are four roles for a DoubleCloud user:

A user can have more than one role.

You can see the user's active roles in the Roles column under Active Members.

## Viewer

The Viewer role grants permission to access a project and allows to:

• Access the clusters with read-only rights
• View logs and metrics for the clusters
• Access the databases on the cluster with read-only rights
• Contact support.

Note

A Viewer can't access the Members service and can't see the list of users on the project.

The Admin role has all the permissions of the Viewer role permissions and, on top of it, allows to perform the following operations:

• Access the clusters with read-write rights
• Access the databases on the cluster with read-write rights
• Access the Visualization service with read-write rights
• Create and manage source and target endpoints
• Create and manage transfers

## Owner

The Owner role is automatically assigned to the creator of the project. This role can't be transferred. On top of the Admin role permissions, it allows to perform the following operations:

• Assign and remove user roles for the project members,
• Send and revoke invitations to the project,
• Access and manage the billing account.

## Billing

The Billing role grants permissions to access the project's billing account and perform operations with its resources:

We suggest assigning the Billing roles to users with the Admin role - your billing account contains sensitive financial information, so it's a good idea to restrict access to it.