List of policies and permissions

When using the functions of HULFT Square, users need to be granted the permissions necessary to perform tasks. Administrators can set permissions in policies or use predefined policies.

In this section, the permissions and the predefined policies to use HULFT Square are explained by category. You can also check the permissions that are set for the predefined groups Developer, TechnicalSupport, SystemOperator, and Admin. Select each category name to show the corresponding table. To show or hide all tables, select on the upper right of the screen.

For details on the concepts of users, groups, policies, and permissions, refer to User management.

For how to configure users, groups, and policies, refer to Set up users and groups.

Applications

Predefined policy	Permission	Description	Developer	Support	System Ops	Admin
ApplicationFullAccess	ListApplication	Read only access to the list of applications. Not allowed to see details.	✓	✓	✓	✓
	ViewApplication	Read only access to the details of applications.	✓	✓	✓	✓
	EditApplication	Privilege to edit (configure) applications.	✓	✓	✓	✓
	ApplicationAdminAccess	Privilege to install applications.				✓

✓

Available by default

Storage

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
StorageFullAccess		ViewObject	Read only access to storage.	✓	✓	✓	✓
		EditObject	Privilege to write and delete objects and directories in storage.	✓		✓	✓
		UploadObject	Privilege to upload objects and directories to storage.	✓			✓
		DownloadObject	Privilege to download objects and directories from storage.	✓			✓
	StorageAdminAccess	ObjectAdminAccess	Privilege to view and edit objects in the system area of storage.				✓

✓

Available by default

Services

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
IntegrateServiceFullAccess	IntegrateServiceReadAccess	ListIntegrateService	Read only access to the list of assigned HULFT Integrate services. Not allowed to see details.	✓	✓	✓	✓
		ViewIntegrateService	Read only access to the details of assigned HULFT Integrate services.	✓	✓	✓	✓
		EditIntegrateService	Privilege to configure HULFT Integrate services.			✓	✓
TransferServiceFullAccess	TransferServiceReadAccess	ListTransferService	Read only access to the list of assigned HULFT Transfer services. Not allowed to see details.	(✓)	(✓)	(✓)	(✓)
		ViewTransferService	Read only access to the details of assigned HULFT Transfer services.	(✓)	(✓)	(✓)	(✓)
		EditTransferService	Privilege to configure HULFT Transfer services.			(✓)	(✓)

✓	:	Available by default
(✓)	:	Paid option

SFTP

When you install SFTP Service from App Square, the permissions below are also installed. Because no permissions are granted by default, assign them manually.

Predefined policy			Permission	Description
SFTPServiceFullAccess	SFTPServiceEditAccess	SFTPServiceReadAccess	ListSFTPService	Read only access to the list of assigned SFTP services. Not allowed to see details.
			ViewSFTPService	Read only access to the details of assigned SFTP services.
			EditSFTPService	Privilege to configure SFTP services.
			SFTPServiceAdminAccess	Administrative access to all SFTP services in the organization.
			ViewSFTPServiceEvents	Read only access to SFTP service history. Only allowed to display records of assigned services.

✓

Available by default

VPN

When you install VPN Service from App Square, the permissions below are also installed. Because no permissions are granted by default, assign them manually.

Predefined policy			Permission	Description
VPNServiceFullAccess	VPNServiceEditAccess	VPNServiceReadAccess	ListVPNService	Read only access to the list of assigned VPN services. Not allowed to see details.
			ViewVPNService	Read only access to the details of assigned VPN services.
			EditVPNService	Privilege to configure VPN services.
			VPNServiceAdminAccess	Administrative access to all VPN services in the organization.
			ViewVPNServiceEvents	Read only access to VPN service history. Only allowed to display records of assigned services.

✓

Available by default

FTP

When you install FTP Service from App Square, the permissions below are also installed. Because no permissions are granted by default, assign them manually.

Predefined policy			Permission	Description
FTPServiceFullAccess	FTPServiceEditAccess	FTPServiceReadAccess	ListFTPService	Read only access to the list of assigned FTP services. Not allowed to see details.
			ViewFTPService	Read only access to the details of assigned FTP services.
			EditFTPService	Privilege to configure FTP services.
			FTPServiceAdminAccess	Administrative access to all FTP services in the organization.
			ViewFTPServiceEvents	Read only access to FTP service history. Only allowed to display records of assigned services.

✓

Available by default

Integrate

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
IntegrateProjectFullAccess	IntegrateProjectReadAccess	ListIntegrateProject	Read only access to the list of projects. Not allowed to see details.	✓	✓	✓	✓
		ViewIntegrateProject	Read only access to the details of projects.	✓	✓	✓	✓
		EditIntegrateProject	Privilege to edit (create/update/delete) projects.	✓			✓
		IntegrateProjectAdminAccess	Administrative access to all projects in the organization.				✓

✓

Available by default

Profiles

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
IntegrateProfileFullAccess	IntegrateProfileReadAccess	ListProfile	Read only access to the list of profiles. Not allowed to see details.	✓	✓	✓	✓
		ViewProfile	Read only access to the details of profiles.	✓	✓	✓	✓
		EditProfile	Privilege to edit (create/update/delete) profiles.	✓			✓
		IntegrateProfileAdminAccess	Administrative access to all profiles in the organization.				✓

✓

Available by default

Resources

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
ConnectionResourceFullAccess	ConnectionResourceReadAccess	ListConnectionResource	Read only access to the list of connection resources. Not allowed to see details.	✓	✓	✓	✓
		ViewConnectionResource	Read only access to the details of connection resources.	✓	✓	✓	✓
		EditConnectionResource	Privilege to edit (create/update/delete) connection resources.	✓		✓	✓
		ConnectionResourceAdminAccess	Administrative access to all connection resources in the organization.				✓
TransferHostFullAccess	TransferHostReadAccess	ListTransferHostResource	Read only access to the list of Transfer Host configurations. Not allowed to see details.	(✓)	(✓)	(✓)	(✓)
		ViewTransferHostResource	Read only access to the details of Transfer Host configurations.	(✓)	(✓)	(✓)	(✓)
		EditTransferHostResource	Privilege to edit (create/update/delete) Transfer Host configurations.	(✓)		(✓)	(✓)
		TransferHostResourceAdminAccess	Administrative access to all Transfer Host configurations in the organization.				✓
SchemaResourceFullAccess	SchemaResourceReadAccess	ListSchemaResource	Read only access to the list of schema resources. Not allowed to see details.	✓	✓	✓	✓
		ViewSchemaResource	Read only access to the details of schema resources.	✓	✓	✓	✓
		EditSchemaResource	Privilege to edit (create/update/delete) schema resources.	✓		✓	✓
		SchemaResourceAdminAccess	Administrative access to all schema resources in the organization.				✓
DataFormatResourceFullAccess	DataFormatResourceReadAccess	ListDataFormatResource	Read only access to the list of data format resources. Not allowed to see details.	✓	✓	✓	✓
		ViewDataFormatResource	Read only access to the details of data format resources.	✓	✓	✓	✓
		EditDataFormatResource	Privilege to edit (create/update/delete) data format resources.	✓		✓	✓
		DataFormatResourceAdminAccess	Administrative access to all data format resources in the organization.				✓
VariableResourceFullAcess	VariableResourceReadAccess	ListVariable	Read only access to the list of variable resources. Not allowed to see details.	✓	✓	✓	✓
		ViewVariable	Read only access to the details of variable resources.	✓	✓	✓	✓
		EditVariable	Privilege to edit (create/update/delete) variable resources.	✓		✓	✓
		VariableResourceAdminAccess	Administrative access to all variable resources in the organization.				✓
CalendarFullAccess	CalendarResourceReadAccess	ListCalendar	Read only access to the calendar resource list. Not allowed to see details.	✓	✓	✓	✓
		ViewCalendar	Read only access to the calendar resource details.	✓	✓	✓	✓
		EditCalendar	Privilege to edit (create/update/delete) calendar resources.	✓		✓	✓
		CalendarResourceAdminAccess	Administrative access to all calendar resources in the organization.				✓

✓	:	Available by default
(✓)	:	Paid option

Transfer (HULFT8)

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
SendConfigFullAccess	TransferSendConfigReadAccess	ListSendConfig	Read only access to the list of Transfer Send configurations. Not allowed to see details.	(✓)	(✓)	(✓)	(✓)
		ViewSendConfig	Read only access to the details of Transfer Send configurations.	(✓)	(✓)	(✓)	(✓)
		EditSendConfig	Privilege to edit (create/update/delete) Transfer Send configurations.	(✓)			(✓)
		TransferSendConfigAdminAccess	Administrative access to all Transfer Send configurations in the organization.				(✓)
ReceiveConfigFullAccess	TransferRecvConfigReadAccess	ListRecvConfig	Read only access to the list of Transfer Receive configurations. Not allowed to see details.	(✓)	(✓)	(✓)	(✓)
		ViewRecvConfig	Read only access to the details of Transfer Receive configurations.	(✓)	(✓)	(✓)	(✓)
		EditRecvConfig	Privilege to edit (create/update/delete) Transfer Receive configurations.	(✓)			(✓)
		TransferRecvConfigAdminAccess	Administrative access to all Transfer Receive configurations in the organization.				(✓)

(✓)

Paid option

API Management

Predefined policy	Permission	Description	Developer	Support	System Ops	Admin
APIProjectFullAccess	ListAPIProject	Read only access to the list of API projects. Not allowed to see details.	✓	✓	✓	✓
	ViewAPIProject	Read only access to the details of API projects.	✓	✓	✓	✓
	EditAPIProject	Privilege to edit (create/update/delete) API projects. Applied system-wide.				✓
	APIProjectAdminAccess	Administrative access to all API projects in the organization.				✓

✓

Available by default

API Client

Predefined policy	Permission	Description	Developer	Support	System Ops	Admin
APIClientFullAccess	ListAPIClient	Read only access to the list of API clients. Not allowed to see details.	✓	✓	✓	✓
	ViewAPIClient	Read only access to API clients.	✓	✓	✓	✓
	EditAPIClient	Privilege to create and delete API clients. Applied system-wide.				✓
	APIClientAdminAccess	Administrative access to all API clients in the organization.				✓

✓

Available by default

Jobs

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
FileEventJobFullAccess	FileEventJobReadAccess	ListFileEventJob	Read only access to the list of File Event jobs. Not allowed to see details.	✓	✓	✓	✓
		ViewFileEventJob	Read only access to the details of File Event jobs.	✓	✓	✓	✓
		EditFileEventJob	Privilege to edit (create/update/delete) File Event jobs.	✓			✓
		ExecuteFileEventJob	Privilege to execute (including turn on and off) File Event jobs.	✓		✓	✓
		FileEventJobAdminAccess	Administrative access to all records of File Event jobs in the organization.				✓
ScheduleJobFullAccess	ScheduleJobReadAccess	ListScheduleJob	Read only access to the list of Schedule jobs. Not allowed to see details.	✓	✓	✓	✓
		ViewScheduleJob	Read only access to the details of Schedule jobs.	✓	✓	✓	✓
		EditScheduleJob	Privilege to edit (create/update/delete) Schedule jobs.	✓			✓
		ExecuteScheduleJob	Privilege to execute (including turn on and off) Schedule jobs.	✓		✓	✓
		ScheduleJobAdminAccess	Administrative access to all records of Schedule jobs in the organization.				✓
RESTAPIJobFullAccess	RESTAPIJobReadAccess	ListRESTAPIJob	Read only access to the list of REST API jobs. Not allowed to see details.	✓	✓	✓	✓
		ViewRESTAPIJob	Read only access to the details of REST API jobs.	✓	✓	✓	✓
		EditRESTAPIJob	Privilege to edit REST API jobs (create/update/delete).	✓			✓
		ExecuteRESTAPIJob	Privilege to execute (including turn on and off) REST API jobs.	✓		✓	✓
		RESTAPIJobAdminAccess	Administrative access to all records of REST API jobs in the organization.				✓
TransferJobFullAccess	TransferJobReadAccess	ListTransferJob	Read only access to the list of HULFT Transfer jobs. Not allowed to see details.	(✓)	(✓)	(✓)	(✓)
		ViewTransferJob	Read only access to the details of HULFT Transfer jobs.	(✓)	(✓)	(✓)	(✓)
		EditTransferJob	Privilege to edit (create/update/delete) HULFT Transfer jobs.	(✓)			(✓)
		ExecuteTransferJob	Privilege to execute (including turn on and off) HULFT Transfer jobs.	(✓)		(✓)	(✓)
		TransferJobAdminAccess	Administrative access to all records of HULFT Transfer jobs in the organization.				✓

✓	:	Available by default
(✓)	:	Paid option

Package Management

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
DependencyFullAccess		ViewDependency	Privilege to see the dependency relationship.	✓	✓	✓	✓
		EditDependency	Privilege to edit the dependency relationship.	✓		✓	✓

✓

Available by default

Dashboard

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
DashboardFullAccess	MeteringFullAccess	ViewMeteringWidget	Privilege to view the Resource Metering widget contents in the dashboard.	✓		✓	✓

✓

Available by default

Logs

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
SystemEventsFullAccess	ServiceEventsFullAccess	ViewIntegrateServiceEvents	Read only access to the event history of HULFT Integrate services. Only allowed to see the event history of assigned services.	✓	✓	✓	✓
		ViewTransferServiceEvents	Read only access to the event history of HULFT Transfer services. Only allowed to see the event history of assigned services.	✓	✓	✓	✓
		TransferServiceEventsAdminAccess	Read only access to the event history of all HULFT Transfer services in the organization regardless of assignment.		✓	✓	✓
	JobEventsFullAccess	ViewScheduleJobEvents	Read only access to the event history of Schedule jobs. Not allowed to see other's records.	✓	✓	✓	✓
		ScheduleJobEventsAdminAccess	Read only access to the event history of all Schedule jobs in the organization regardless of assignment.		✓	✓	✓
		ViewFileJobEvents	Read only access to the event history of File Event jobs. Not allowed to see other's records.	✓	✓	✓	✓
		FileJobEventsAdminAccess	Read only access to the event history of all File Event jobs in the organization regardless of assignment.		✓	✓	✓
		ViewTransferJobEvents	Read only access to the event history of HULFT Transfer jobs. Not allowed to see other's records.	✓	✓	✓	✓
		TransferJobEventsAdminAccess	Read only access to the event history of all HULFT Transfer jobs in the organization regardless of assignment.		✓	✓	✓
	AppEventsFullAccess	ViewIntegrateAppEvents	Read only access to the service event history of HULFT Integrate. Not allowed to see other's records.	✓	✓	✓	✓
		IntegrateAppEventsAdminAccess	Read only access to the service event history of all HULFT Integrate services in the organization regardless of assignment.		✓	✓	✓
		ViewTransferAppEvents	Read only access to the service event history of HULFT Transfer.	✓	✓	✓	✓
		TransferAppEventsAdminAccess	Read only access to the service event history of all HULFT Transfer services in the organization regardless of assignment.		✓	✓	✓
		ViewApplicationEvents	Read only access to the event history of applications. Not allowed to see other's records.	✓	✓	✓	✓
		ApplicationEventsAdminAccess	Read only access to the event history of all applications in the organization regardless of assignment.		✓	✓	✓

✓

Available by default

User/Group and Access Management

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
PermissionFullAccess	PermissionReadAccess	ListPermission	Read only access to the list of permissions.	✓	✓	✓	✓
PolicyFullAccess	PolicyReadAccess	ListPolicy	Read only access to the list of policies. Not allowed to see which permissions a policy contains.	✓	✓	✓	✓
		ViewPolicy	Read only access to the details of which permissions a policy contains.	✓	✓	✓	✓
		EditPolicy	Privilege to customize (create/update/delete) policies. Pre-defined policies can't be modified or deleted.				✓
UserGroupFullAccess	UserReadAccess	ListUser	Read only access to the list of users. Not allowed to see details, for example assigned policies.				✓
		ViewUser	Read only access to the details of users, for example assigned policies.				✓
		EditUser	Privilege to manage the users in the organization.				✓
		InviteUser	Privilege to invite users.	✓	✓	✓	✓
	GroupReadAccess	ListGroup	Read only access to the list of groups. Not allowed to see details, for example who belongs to a group.	✓	✓	✓	✓
		ViewGroup	Read only access to the details of groups, for example who belongs to a group.	✓	✓	✓	✓
		EditGroup	Privilege to manage the groups in the organization.				✓

✓

Available by default

Workspace

Predefined policy	Permission	Description	Developer	Support	System Ops	Admin
WorkspaceFullAccess	ListWorkspace	Read only access to the list of workspaces. Not allowed to see details.	✓	✓	✓	✓
	ViewWorkspace	Read only access to the details of workspaces.	✓	✓	✓	✓
	EditWorkspace	Privilege to edit (create/update/delete) workspaces. Applied system-wide.				✓
	WorkspaceAdminAccess	Administrative access to all workspaces in the organization.				✓

✓

Available by default

VPC Endpoint

Predefined policy	Permission	Description	Developer	Support	System Ops	Admin
VPCEndpointFullAccess	ListVPCEndpoint	Read only access to the list of VPC endpoints. Not allowed to see details.	✓	✓	✓	✓
	ViewVPCEndpoint	Read only access to VPC endpoints.	✓	✓	✓	✓
	EditVPCEndpoint	Privilege to create and delete VPC endpoints. Applied system-wide.				✓
	VPCEndpointAdminAccess	Administrative access to all VPC endpoints in the organization.				✓

✓

Available by default

PrivateLink

When you install HULFT Square Link from App Square, the permissions below are also installed. Because no permissions are granted by default, assign them manually.

Predefined policy	Permission	Description
PrivateLinkFullAccess	ListPrivateLink	Read only access to the PrivateLink list. Not allowed to see details.
	ViewPrivateLink	Read only access to PrivateLink.
	EditPrivateLink	Privilege to create and delete PrivateLink connections. Applied system-wide.
	PrivateLinkAdminAccess	Administrative access to all PrivateLink connections in the organization.

✓

Available by default

Password Policy Management

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
PasswordPolicyFullAccess		ViewPasswordPolicy	Privilege to see permission policy that is unique to the organization.				✓
		EditPasswordPolicy	Privilege to edit permission policy that is unique to the organization.				✓

✓

Available by default

API Token

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
APITokenExpirationPeriodFullAccess		ViewAPITokenExpirationPeriod	Privilege to see expiration period of API token.				✓
		EditAPITokenExpirationPeriod	Privilege to edit expiration period of API token.				✓

✓

Available by default

Single Sign-on

Because no permissions are granted by default, assign them manually.

Predefined policy

Permission

Description

Developer

Support

System Ops

Admin

SSOFullAccess

ViewSSO

Privilege to see SSO settings that are specific to your organization.

EditSSO

Privilege to edit SSO settings that are specific to your organization.

Users who have this permission need to log in by password even if SSO is enabled.

✓

Available by default

Report (Audit)

Predefined policy	Permission	Description	System Ops	Admin
ReportFullAccess	ReportUserLoginHistory	Privilege to see all records of user login/logout history.	✓	✓
	ReportSystemEvents	Privilege to see all records of the history for infrastructure, service, and application events.	✓	✓
	ReportRestAPIJob	Privilege to see all records of the REST API jobs history.	✓	✓
AuditConfigFullAccess	ViewAuditConfig	Privilege to see audit settings that are specific to your organization.	✓	✓
	EditAuditConfig	Privilege to edit audit settings that are specific to your organization.	✓	✓

✓

Available by default

Notifications

Predefined policy		Permission	Description	System Ops	Admin
NotificationFullAccess	NotificationsConfigFullAccess	ViewNotificationsConfig	Privilege to see notification settings that are specific to your organization.	✓	✓
		EditNotificationsConfig	Privilege to edit notification settings that are specific to your organization.	✓	✓
	EmailNotificationsConfigFullAccess	ViewEmailNotificationsConfig	Privilege to see email notification settings that are specific to your organization.	✓	✓
		EditEmailNotificationsConfig	Privilege to edit email notification settings that are specific to your organization.	✓	✓

✓

Available by default

Support

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
SupportFullAccess		TicketingSystem	Privilege to use technical support.		✓		✓
		ViewOnlineDocument	Privilege to see online technical documents.	✓	✓	✓	✓

✓

Available by default

Billing

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
BillingFullAccess		ViewServicePlan	Read only access to service plans.				✓

✓

Available by default

System Information

Predefined policy		Permission	Description	Developer	Support	System Ops	Admin
SystemInformationFullAccess		ViewSystemInformation	Privilege to see system information.			✓	✓

✓

Available by default