Yandex Cloud
Search
Contact UsGet started
  • Pricing
  • Customer Stories
  • Documentation
  • Blog
  • All Services
  • System Status
    • Featured
    • Infrastructure & Network
    • Data Platform
    • Containers
    • Developer tools
    • Serverless
    • Security
    • Monitoring & Resources
    • AI Studio
    • Business tools
  • All Solutions
    • By industry
    • By use case
    • Economics and Pricing
    • Security
    • Technical Support
    • Start testing with double trial credits
    • Cloud credits to scale your IT product
    • Gateway to Russia
    • Cloud for Startups
    • Education and Science
    • Yandex Cloud Partner program
  • Pricing
  • Customer Stories
  • Documentation
  • Blog
© 2025 Direct Cursus Technology L.L.C.
Yandex MetaData Hub
    • Overview
    • Connection Manager roles
    • Metastore roles
    • Schema Registry roles
  • Audit Trails events
  • Pricing policy
  • Troubleshooting
  • Public materials
  • Release notes
  1. Access management
  2. Connection Manager roles

Service roles for managing connections using Yandex Connection Manager

Written by
Yandex Cloud
Updated at May 22, 2025

With Yandex Connection Manager service roles, you can view non-secret connection data and manage connections. You can view secret connection data, such as DB passwords, in Yandex Lockbox. To do this, you will also need the lockbox.payloadViewer role.

connection-manager.auditorconnection-manager.auditor

The connection-manager.auditor role allows you to view public details on connections and access permissions assigned to them. If you have this role assigned for a cloud, it will also enable viewing Connection Manager quotas.

connection-manager.viewerconnection-manager.viewer

The connection-manager.viewer role enables viewing info on connections and access permissions assigned to them, as well as on the Connection Manager quotas.

This role includes the connection-manager.auditor permissions.

connection-manager.editorconnection-manager.editor

The connection-manager.editor role allows you to manage connections and view their details.

Users with this role can:

  • Create, use, edit, and delete connections.
  • View connection details and info on connection access permissions.
  • View info on Connection Manager quotas.

This role includes the connection-manager.viewer permissions.

connection-manager.adminconnection-manager.admin

The connection-manager.admin role allows you to manage connections and access to those, as well as view connection details.

Users with this role can:

  • Create, use, edit, and delete connections, as well as manage access to them.
  • View connection details and info on connection access permissions.
  • View info on Connection Manager quotas.

This role includes the connection-manager.editor permissions.

connection-manager.userconnection-manager.user

The connection-manager.user role enables using connections in the resources of other cloud services integrated with Connection Manager, e.g., in Data Transfer, DataLens, WebSQL, etc.

Roles requiredRoles required

The table below lists the roles required to perform a particular action. You can always assign a role offering more permissions than the one specified. For example, you can assign editor instead of viewer.

Action Required roles
Getting information about connections connection-manager.viewer
Getting a list of connections connection-manager.viewer
Creating a connection connection-manager.editor
Editing a connection connection-manager.editor
Deleting a connection connection-manager.editor
Setting connection access permissions connection-manager.admin
Changing connection access permissions connection-manager.admin

Was the article helpful?

Previous
Overview
Next
Metastore roles
© 2025 Direct Cursus Technology L.L.C.