Define roles with authorized API operations

Roles define a set of API operations permitted for a resource set. You apply roles to users and teams by creating grants. Roles have the following important characteristics:

  • Roles are always enabled.

  • Roles cannot be edited. To change a role, you must delete it and create a new role with the changes you want to implement.

  • To delete roles used within a grant, you must first delete the grant.

  • Only administrators can create and delete roles.

This topic explains how to create custom Swarm roles and describes default and Swarm operations roles.