Creating a Role in Control Center

If you have sufficient permissions, you can define a role in Control Center. Roles are defined in the context of an organization. Only Control Center Administrators can create, modify, and delete roles. A role specifies a set of instance-level permissions (for one or more instances) and binds the set of permissions to one or more users. A role saves time by enabling you to collect configured permissions together and bind that collection to a list of users ― instead of repeating the same configuration multiple times, once per user. A single user can have multiple roles.

If your organization has a large number of users, roles can save you time; if your organization has a small number of users, you might find it easier to configure instance-level permissions separately for each user. Roles are beneficial if a group of users receives the same set of permissions.

To create a role, perform the following steps.

  1. Login to Control Center: https://controlcenter.commercecloud.salesforce.com/.
    The Control Center window opens.
  2. Click Roles.
  3. On the Roles view, click New Role.
  4. On the Create New Role window, enter a name for the role and click Save.
    A role with the name you provided is added to the Roles view.
  5. Click the role name.
    A view opens for the role you created, a view consisting of two tabs: Instances and Users. When you first create a role, this view shows the Instances tab.
  6. Click Add Instances.
    The Select Instances slider opens. The slider shows a list of all realms in your organization. Each realm is collapsed, but you can expand a realm to see the instances within it. Each instance is individually selectable, and a pseudo instance (All Sandboxes) is included in the list of instances. If you select the All Sandboxes pseudo instance, it indicates to the system that you want the same permissions to apply to all sandbox instances in the realm, so you don't have to individually select them. The All Sandboxes pseudo instance applies to any future sandboxes that can be created in the realm.
  7. Select one or more instances in one or more realms, and click Add.

    Each instance that you selected is added to the list of instances on the Instances tab, organized by realm. For each instance, you can specify the following permissions (assuming you have sufficient permissions, and assuming that an operation is allowed for that instance):

    • Dbinit: Grant a user assigned to this role the ability to initialize an instance using DbInit. (This permission can't be granted to anyone for PIG instances; it can only be granted to sandbox instances.)
    • Start/Stop: Grant a user assigned to this role the ability to stop, start, and restart an instance.
    • View Statistics: Grant a user assigned to this role the ability to view usage statistics for an instance.
    • Grant Permissions Grant a user assigned to this role the ability to administratively give other users permissions against the instance. Users can only grant permissions currently granted to them; they can't grant permissions they don't have.
  8. Click Users.
  9. On the Users tab, click Add Users.
    The Select Users slider opens, which contains two tabs: Inside Organization and Outside Organization. The Inside Organization tab contains a list of all users in your organization (that is, all users who were granted the Control Center Administrator or Control Center User roles in Account Manager); the Outside Organization tab contains a field into which you can enter the email address of individuals outside of your organization (this email address is the one used when logging into Account Manager). The Outside Organization tab is useful in two situations: when your organization works with an implementation partner, and you want to specify individuals within the partner's organization; and when you are the implementation partner, and you want to specify individuals within the client's organization. If you use the Outside Organization tab, you must enter the email addresses individually, and click Add for each user you add. (Before you can add a user, the user must be granted either the Control Center Administrator or the Control Center User role in Account Manager.)
  10. On the Inside Organization tab, select the users you want to assign to the role, and click Add.