Define roles with authorized API operations¶
Roles define a set of API operations permitted for a resource set. You apply roles to users and teams by creating grants. Roles have the following important characteristics:
Roles are always enabled.
Roles cannot be edited. To change a role, you must delete it and create a new role with the changes you want to implement.
To delete roles used within a grant, you must first delete the grant.
Only administrators can create and delete roles.
This topic explains how to create custom Swarm roles and describes default and Swarm operations roles.