Skip to main content
Go to documentation:
⌘U
Weaviate Database

Develop AI applications using Weaviate's APIs and tools

Deploy

Deploy, configure, and maintain Weaviate Database

Weaviate Agents

Build and deploy intelligent agents with Weaviate

Weaviate Cloud

Manage and scale Weaviate in the cloud

Additional resources

Integrations
Contributor guide
Events & Workshops
Weaviate Academy

Need help?

Weaviate LogoAsk AI Assistant⌘K
Community Forum

Authorization

info

This guide only applies to clusters that have RBAC (Role-Based Access Control) enabled. New clusters with Weaviate version v1.30 (or later) have RBAC enabled by default.

Create a role

Custom roles allow you to define specific permissions for different users or applications accessing your Weaviate cluster. You can control access to collections, tenants, and specific operations.


Steps to create a new role

To create a new role, follow these steps:

  1. Open the Weaviate Cloud console.
  2. Select your cluster and navigate to the Roles section.
  3. Click on the New role button.
  4. Enter a descriptive name for your role in the Role name field.
  5. In the sections below, configure the permissions:
    • Select which resources the permission applies to (for example, to which collections the role has access to)
    • Choose the appropriate permissions (create, read, update, etc.)
  6. Click the Create button to save your new role.
info

To find out more about RBAC and available permissions, check out the RBAC documentation.

Edit a role

You can modify the permissions and settings of existing custom roles at any time.


Steps to edit a role

To edit a role, follow these steps:

  1. From the roles management page, locate the role you want to edit.
  2. Click the Pencil button next to the role you want to modify.
  3. In the role editing interface, you can:
    • Update collection permissions by checking or unchecking the appropriate boxes for Create, Read, Update, and Delete operations
    • Add or remove additional constraints from the role's scope using the dropdown menus (e.g. which collections the permissions apply to)
  4. After making your changes, click the Update button to save the modifications.
  5. Changes to role permissions take effect immediately for all API keys assigned to that role.

Delete a role

When you no longer need a custom role, you can delete it. This action will affect all API keys currently assigned to this role.


Steps to delete a role

To delete a role, follow these steps:

  1. From the roles management page, locate the role you want to delete.
  2. Click the Trash can button next to the role you want to remove.
  3. In the confirmation dialog, type the exact role name to confirm the deletion. This prevents accidental deletions.
  4. Click Confirm and delete to permanently remove the role.

Deleting a role is permanent and cannot be undone. This action will:

  • Remove the role and all its associated permissions
  • Affect any API keys that were assigned to this role
  • Potentially break applications that rely on the permissions granted by this role

Make sure to update or reassign any affected API keys before deleting a role.

info

You cannot delete the built-in admin and viewer roles, as these are system-defined roles required for basic cluster operations.

Further resources

Support

For help with Serverless Cloud, Enterprise Cloud, and Bring Your Own Cloud accounts, contact Weaviate support directly to open a support ticket. To add a support plan, contact Weaviate sales.

If you have any questions or feedback, let us know in the user forum.

Technical questions

If you have questions feel free to post on our Community forum.

Documentation feedback

Leave feedback by opening a GitHub issue.