Amazon CodeCatalyst will no longer be open to new customers starting on November 7, 2025. If you would like to use the service, please sign up prior to November 7, 2025. For more information, see How to migrate from CodeCatalyst.
Viewing the permissions available for each role
The following table shows the permissions available for each CodeCatalyst role. Use the links to jump to the appropriate set of permissions.
| Permission | Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|---|---|---|---|---|---|---|---|
| Space permissions |
|||||||
|
Create space |
|
|
|
|
|
|
|
|
Edit space billing details |
|
|
|
|
|
|
|
|
Set up and enable single sign-on |
|
|
|
|
|
|
|
|
Remove single sign-on |
|
|
|
|
|
|
|
|
Enable generative AI features for a space |
|
|
|
|
|
|
|
|
Disable generative AI features for a space |
|
|
|
|
|
|
|
|
Delete space |
|
|
|
|
|
|
|
|
Add other users to the Space administrator role |
|
|
|
|
|
|
|
|
Remove other users from the Space administrator role |
|
|
|
|
|
|
|
|
Create team |
|
|
|
|
|
|
|
|
Delete team |
|
|
|
|
|
|
|
|
Update team |
|
|
|
|
|
|
|
|
Disable machine resources for the space |
|
|
|
|
|
|
|
|
Enable machine resources for the space |
|
|
|
|
|
|
|
|
Create project |
|
|
|
|
|
|
|
|
Associate an AWS account connection with the space |
|
|
|
|
|
|
|
|
Update an AWS account connection |
|
|
|
|
|
|
|
|
Disassociate an AWS account connection from the space |
|
|
|
|
|
|
|
|
Delete an AWS account connection and remove it from the space |
|
|
|
|
|
|
|
|
Enable project-restricted account connections in the space ¹ |
|
|
|
|
|
|
|
|
Disable project-restricted account connections in the space ² |
|
|
|
|
|
|
|
|
Invite others to the space |
|
|
|
|
|
|
|
|
Create VPC connection |
|
|
|
|
|
|
|
|
Edit VPC connection |
|
|
|
|
|
|
|
|
Delete VPC connection |
|
|
|
|
|
|
|
|
View logs of activity in the space |
|
|
|
|
|
|
|
|
View AWS account connections |
|
|
|
|
|
|
|
|
View incidents for CodeCatalyst |
|
|
|
|
|
|
|
|
View space |
|
|
|
|
|
|
|
|
View teams |
|
|
|
|
|
|
|
|
View VPC connections |
|
|
|
|
|
|
|
|
¹ With the Power user role, you can enable project restrictions for an account, but you can only configure access for projects where you are a member. ² With the Power user role, you can disable project restrictions for an account, but you can only configure access for projects where you are a member. |
|||||||
Extensions permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Install extensions |
|
|
|
|
|
|
|
|
Update extensions |
|
|
|
|
|
|
|
|
Delete extensions |
|
|
|
|
|
|
|
|
Connect a GitHub account |
|
|
|
|
|
|
|
|
Disconnect a GitHub account |
|
|
|
|
|
|
|
|
Connect a Jira site |
|
|
|
|
|
|
|
|
Disconnect a Jira site |
|
|
|
|
|
|
|
|
View configuration details for installed extensions |
|
|
|
|
|
|
|
|
View extensions |
|
|
|
|
|
|
|
| Project permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Edit project settings |
|
|
|
|
|
|
|
|
Disable machine resources for the project |
|
|
|
|
|
|
|
|
Enable machine resources for the project |
|
|
|
|
|
|
|
|
Delete project |
|
|
|
|
|
|
|
|
Invite users to a project |
|
|
|
|
|
|
|
|
Change roles of users in a project |
|
|
|
|
|
|
|
|
Remove users from a project |
|
|
|
|
|
|
|
|
Add team to a project |
|
|
|
|
|
|
|
|
Remove team from a project |
|
|
|
|
|
|
|
|
Change project role of team |
|
|
|
|
|
|
|
|
View project |
|
|
|
|
|
|
|
|
View project activity |
|
|
|
|
|
|
|
|
View teams in project |
|
|
|
|
|
|
|
|
View blueprints |
|
|
|
|
|
|
|
| Source repository permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Create repositories |
|
|
|
|
|
|
|
|
Link repositories |
|
|
|
|
|
|
|
|
Unlink repositories |
|
|
|
|
|
|
|
|
Delete repositories |
|
|
|
|
|
|
|
|
Edit repository settings |
|
|
|
|
|
|
|
|
View repositories |
|
|
|
|
|
|
|
|
View repository settings |
|
|
|
|
|
|
|
|
Clone repositories |
|
|
|
|
|
|
|
|
Create branches |
|
|
|
|
|
|
|
|
Create branch rules |
|
|
|
|
|
|
|
|
Change default branch |
|
|
|
|
|
|
|
|
Delete branches |
|
|
|
|
|
|
|
|
Merge branches |
|
|
|
|
|
|
|
|
Update branch rules |
|
|
|
|
|
|
|
|
View branches |
|
|
|
|
|
|
|
|
View branch rules |
|
|
|
|
|
|
|
|
Create folders |
|
|
|
|
|
|
|
|
Delete folders |
|
|
|
|
|
|
|
|
Edit folders |
|
|
|
|
|
|
|
|
View folders |
|
|
|
|
|
|
|
|
Create files |
|
|
|
|
|
|
|
|
Delete files |
|
|
|
|
|
|
|
|
Edit files |
|
|
|
|
|
|
|
|
View files |
|
|
|
|
|
|
|
|
Create and push commits |
|
|
|
|
|
|
|
|
View commits |
|
|
|
|
|
|
|
|
Create pull requests |
|
|
|
|
|
|
|
|
Create approval rules for pull requests |
|
|
|
|
|
|
|
|
Override merge requirements for pull requests |
|
|
|
|
|
|
|
|
Update pull requests |
|
|
|
|
|
|
|
|
Update approval rules for pull requests |
|
|
|
|
|
|
|
|
View pull requests |
|
|
|
|
|
|
|
|
View approval rules for pull requests |
|
|
|
|
|
|
|
|
Close pull requests |
|
|
|
|
|
|
|
|
Approve pull requests |
|
|
|
|
|
|
|
|
Comment on pull requests |
|
|
|
|
|
|
|
|
Interact with Amazon Q in comments on pull requests |
|
|
|
|
|
|
|
|
Create a revision for a pull request created by Amazon Q |
|
|
|
|
|
|
|
|
Link an issue to a pull request |
|
|
|
|
|
|
|
|
Unlink an issue from a pull request |
|
|
|
|
|
|
|
| Dev Environment permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Create your own Dev Environment |
|
|
|
|
|
|
|
|
Stop your own Dev Environment |
|
|
|
|
|
|
|
|
Stop Dev Environments created by other users |
|
|
|
|
|
|
|
|
Resume your own Dev Environment |
|
|
|
|
|
|
|
|
View your own Dev Environments |
|
|
|
|
|
|
|
|
View Dev Environments created by other users |
|
|
|
|
|
|
|
|
Edit your own Dev Environment |
|
|
|
|
|
|
|
|
Edit Dev Environments created by other users |
|
|
|
|
|
|
|
|
Delete your own Dev Environment |
|
|
|
|
|
|
|
|
Delete Dev Environments created by other users |
|
|
|
|
|
|
|
|
Create a devfile for Dev Environments |
|
|
|
|
|
|
|
|
Edit a devfile for Dev Environments |
|
|
|
|
|
|
|
|
Delete a devfile for Dev Environments |
|
|
|
|
|
|
|
|
View a devfile for Dev Environments |
|
|
|
|
|
|
|
| Package repository and package permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Create package repository |
|
|
|
|
|
|
|
|
View package repositories |
|
|
|
|
|
|
|
|
Edit package repository |
|
|
|
|
|
|
|
|
Delete package repository |
|
|
|
|
|
|
|
|
Create gateway package repository |
|
|
|
|
|
|
|
|
View gateway package repositories |
|
|
|
|
|
|
|
|
Delete gateway package repository |
|
|
|
|
|
|
|
|
Add upstream package repository |
|
|
|
|
|
|
|
|
Edit search order of upstream repositories |
|
|
|
|
|
|
|
|
Remove upstream package repository |
|
|
|
|
|
|
|
|
Connect to a package repository |
|
|
|
|
|
|
|
|
Read packages from a package repository |
|
|
|
|
|
|
|
|
Publish packages to a package repository |
|
|
|
|
|
|
|
|
Read and retain packages from an upstream repository |
|
|
|
|
|
|
|
|
View packages |
|
|
|
|
|
|
|
|
View package versions |
|
|
|
|
|
|
|
|
View package version assets |
|
|
|
|
|
|
|
|
List package version dependencies |
|
|
|
|
|
|
|
|
Update package version status |
|
|
|
|
|
|
|
|
Update package origin configuration |
|
|
|
|
|
|
|
|
Delete package version |
|
|
|
|
|
|
|
| Workflow permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Create workflow |
|
|
|
|
|
|
|
|
Update workflow |
|
|
|
|
|
|
|
|
Delete workflow |
|
|
|
|
|
|
|
|
Start workflow |
|
|
|
|
|
|
|
|
Stop workflow |
|
|
|
|
|
|
|
|
Create workflow secrets |
|
|
|
|
|
|
|
|
Update workflow secrets |
|
|
|
|
|
|
|
|
Delete workflow secrets |
|
|
|
|
|
|
|
|
Create environments |
|
|
|
|
|
|
|
|
Delete environments |
|
|
|
|
|
|
|
|
Create fleet |
|
|
|
|
|
|
|
|
Update fleet |
|
|
|
|
|
|
|
|
Delete fleet |
|
|
|
|
|
|
|
|
Manage workflow resources in other accounts |
|
|
|
|
|
|
|
|
Associate an AWS account connection with an environment |
|
|
|
|
|
|
|
|
Associate a default IAM role with an environment |
|
|
|
|
|
|
|
|
Associate a VPC connection with an environment |
|
|
|
|
|
|
|
|
Disassociate a VPC connection with an environment |
|
|
|
|
|
|
|
|
Associate a VPC-connected environment with a workflow |
|
|
|
|
|
|
|
|
Disassociate a VPC-connected environment with a workflow |
|
|
|
|
|
|
|
|
Approve workflow runs |
|
|
|
|
|
|
|
|
Track a commit in a workflow |
|
|
|
|
|
|
|
|
View environments |
|
|
|
|
|
|
|
|
View build action logs |
|
|
|
|
|
|
|
|
View fleets |
|
|
|
|
|
|
|
|
View test action logs |
|
|
|
|
|
|
|
|
View workflow |
|
|
|
|
|
|
|
|
View workflow runs |
|
|
|
|
|
|
|
|
View workflow run results |
|
|
|
|
|
|
|
|
View workflow secrets |
|
|
|
|
|
|
|
| Issues permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Create issue |
|
|
|
|
|
|
|
|
Update issue |
|
|
|
|
|
|
|
|
View issues |
|
|
|
|
|
|
|
|
Create task |
|
|
|
|
|
|
|
|
Update task |
|
|
|
|
|
|
|
|
View tasks |
|
|
|
|
|
|
|
|
Archive an issue |
|
|
|
|
|
|
|
|
Assign an issue to Amazon Q |
|
|
|
|
|
|
|
|
Interact with Amazon Q in comments on an issue |
|
|
|
|
|
|
|
|
Unassign Amazon Q from an issue |
|
|
|
|
|
|
|
|
Recommend tasks for an issue with Amazon Q |
|
|
|
|
|
|
|
|
Create tasks recommended by Amazon Q |
|
|
|
|
|
|
|
|
Update issues created by other users |
|
|
|
|
|
|
|
|
View comments on an issue |
|
|
|
|
|
|
|
|
Create a comment on an issue |
|
|
|
|
|
|
|
|
Update a comment on an issue |
|
|
|
|
|
|
|
|
Create a label |
|
|
|
|
|
|
|
|
Update a label |
|
|
|
|
|
|
|
|
View labels |
|
|
|
|
|
|
|
|
Add a label to an issue |
|
|
|
|
|
|
|
|
Remove a label from an issue |
|
|
|
|
|
|
|
|
Create a custom status for issues |
|
|
|
|
|
|
|
|
Update a custom status |
|
|
|
|
|
|
|
|
View a custom status |
|
|
|
|
|
|
|
|
Move a custom status |
|
|
|
|
|
|
|
|
Deactivate a custom status |
|
|
|
|
|
|
|
|
Add an attachment to an issue |
|
|
|
|
|
|
|
|
View an issue attachment |
|
|
|
|
|
|
|
|
Remove an attachment from an issue |
|
|
|
|
|
|
|
|
Link an issue to another issue |
|
|
|
|
|
|
|
|
Unlink an issue from another issue |
|
|
|
|
|
|
|
|
Update an issue link |
|
|
|
|
|
|
|
|
View links for an issue |
|
|
|
|
|
|
|
|
Link a pull request to an issue |
|
|
|
|
|
|
|
|
Unlink a pull request from an issue |
|
|
|
|
|
|
|
|
Link a Jira project |
|
|
|
|
|
|
|
|
Unlink a Jira project |
|
|
|
|
|
|
|
| Blueprint permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Create custom blueprint project |
|
|
|
|
|
|
|
|
Publish a preview custom blueprint |
|
|
|
|
|
|
|
|
Publish a custom blueprint |
|
|
|
|
|
|
|
|
Add a custom blueprint to a space blueprints catalog |
|
|
|
|
|
|
|
|
Remove a custom blueprint from a space blueprints catalog |
|
|
|
|
|
|
|
|
Manage the publishing permissions for a custom blueprint |
|
|
|
|
|
|
|
|
Manage the catalog version for a custom blueprint |
|
|
|
|
|
|
|
|
Update a custom blueprint |
|
|
|
|
|
|
|
|
Delete a custom blueprint version |
|
|
|
|
|
|
|
|
Delete a custom blueprint |
|
|
|
|
|
|
|
|
Convert a source repository to a custom blueprint |
|
|
|
|
|
|
|
|
Add a custom blueprint to a project |
|
|
|
|
|
|
|
|
Disassociate a custom blueprint from a project |
|
|
|
|
|
|
|
|
Update the version of an applied custom blueprint |
|
|
|
|
|
|
|
|
Edit the settings of a custom blueprint |
|
|
|
|
|
|
|
|
View published custom blueprints |
|
|
|
|
|
|
|
| Notifications permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Configure notification channel |
|
|
|
|
|
|
|
|
Remove notification channel |
|
|
|
|
|
|
|
|
Edit notification settings |
|
|
|
|
|
|
|
|
View notification settings |
|
|
|
|
|
|
|
|
Automatically receive notifications about CodeCatalyst incidents |
|
|
|
|
|
|
|
|
Configure email notifications for your associated email account |
|
|
|
|
|
|
|
| Search permissions |
Space administrator role | Power user role | Limited access role | Project administrator role | Contributor role | Reviewer role | Read only role |
|
Search inside a project |
|
|
|
|
|
|
|
|
Search across the space |
|
|
|
|
|
|
|
