# Roles and permissions

## Overview

SRE.ai uses role-based access control (RBAC) to manage what team members can do within a workspace.

Every user is assigned one of three roles — **Owner**, **Admin**, or **Member** — which determines what actions they can take across the product, including pipeline management and team settings.

## Roles

SRE.ai defines three roles:

| Role       | Description                                                             |
| ---------- | ----------------------------------------------------------------------- |
| **Owner**  | Full access to all features. Can assign any role to other members.      |
| **Admin**  | Full access except delete operations. Can assign Admin or Member roles. |
| **Member** | Read-only access. Cannot change roles or perform write operations.      |

### Permissions by area

#### Pipelines

| Action                 | Owner | Admin | Member |
| ---------------------- | ----- | ----- | ------ |
| View pipeline          | ✅     | ✅     | ✅      |
| Create / edit pipeline | ✅     | ✅     | ❌      |
| Delete pipeline        | ✅     | ❌     | ❌      |

#### Team settings

| Action                 | Owner | Admin | Member |
| ---------------------- | ----- | ----- | ------ |
| Invite new members     | ✅     | ✅     | ❌      |
| Change a member's role | ✅     | ✅     | ❌      |
| Change own role        | ❌     | ❌     | ❌      |

## Role hierarchy

Role assignment follows a strict hierarchy:

* **Owners** can assign any role (Owner, Admin, or Member) to any other team member
* **Admins** can assign Admin or Member roles, but cannot assign or create Owners
* **Members** cannot assign roles
* No user can change their own role

## Managing roles

### Assigning a role when inviting a new member

1. In the team settings page, click **Invite member**
2. Enter the new member's email address
3. Select a role from the role dropdown — **Owner**, **Admin**, or **Member**
4. Send the invitation

The invited user will be assigned the selected role when they join the workspace.

{% hint style="info" %}
The roles available in the dropdown depend on your own role. Admins will not see the Owner option.
{% endhint %}

### Changing an existing member's role

1. In the team settings page, locate the member in the members list
2. Click the role selector on their row
3. Select the new role

The change takes effect immediately.

{% hint style="warning" %}
You cannot change your own role. Ask another Owner or Admin to make the change if needed.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sre.ai/setting-up-sre.ai/roles-and-permissions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.