Roles and Access Control in ACRA
ACRA enforces access at two distinct levels:
- Portal-Level – controls who can manage the overall ACRA Portal environment and create, administer or enter into Enclaves.
- Enclave-Level – controls what users can do inside a specific secure Enclave.
This separation ensures ACRA Portal governance is isolated from workload execution and collaboration.
ACRA separates access control into two layers
Portal roles determine who can administer the platform and create or enter Enclaves. Enclave roles determine what a user can do inside a specific Enclave.
A user may hold different permissions at each layer.
ACRA Portal-Level Roles
Platform-level roles define who can manage the portal and who can create or own Enclaves.
For more information about Platform versus Enclaves, see the Core Concepts documentation.
Maintainer
Highest level of platform authority.
Maintainers can:
- Edit platform settings
- Manage users (create, update, remove)
- Manage their own Enclave (full CRUD operations)
- Enter Enclave(s) if invited
Maintainers can see all Enclaves and can create Enclaves for others, which they do not own, but they cannot enter Enclaves in which they are not invited members.
Maintainer Access
Maintainers can see all Enclaves and manage platform configuration, but they cannot enter an Enclave unless they are explicitly invited as a member.
Platform authority does not grant automatic access to Enclave workloads or data.
Maintainer with Auditor Sub-role
A Maintainer can be granted the Auditor sub-role.
In addition to Maintainer capabilities, they can also view platform Activity Logs.
Users that require oversight into all platform actions typically receive this role. This is commonly assigned to compliance or leadership functions.
Maintainer with Ops Sub-role
A Maintainer can be granted the Ops sub-role.
In addition to Maintainer capabilities, they can access the available DevOps tools.
This role is intended for platform operators responsible for deployment, infrastructure, or lifecycle management.
Note: Auditor and Ops are additive roles. A user must already be a Maintainer to receive them.
Resident
Residents operate primarily at the Enclave level.
Residents can:
- Create Enclaves and invite members of the Portal to their Enclave(s)
- Manage Enclave(s) they own
- Join Enclaves if invited
Residents are limited in their permissions in the ACRA Portal.
They cannot:
- Edit Portal settings
- Manage Portal users
- View other Portal users or their details
- View Activity Logs
- Access DevOps tooling
- Access Portal settings
This role is suitable for internal users who require Enclave ownership without Portal management authority.
External
This is the most restricted ACRA Portal role.
External users:
- Can only join Enclaves they are invited to
- Default to a Guest role within those Enclaves
External users cannot:
- Create or manage Enclaves
- Manage or discover Portal users
- Access Portal settings
This role is intended for third parties or temporary collaborators.
Enclave-Level Roles
Enclave roles control what a user can do inside a specific Enclave.
Owner
Highest authority within an Enclave.
Owners can:
- Edit Enclave settings
- Manage users within the Enclave
- Invite users to the Enclave
- Create and manage Meeting Rooms
- Use all applications within the Enclave
- Access files and LLM chat
- Join public and invited private meeting rooms
- View Activity Logs
Owners have full operational control within the Enclave.
Contributor
Operational participant within an Enclave.
Contributors can:
- Access all applications in the Enclave
- Create Meeting Rooms
- Manage Meeting Rooms they create or manage
- Join public meeting rooms
- Join invited private meeting rooms
- Access files and LLM chat
Contributors cannot:
- Edit Enclave settings
- Manage Enclave users
- Invite users to the Enclave
- View Activity Logs
- View DevOps tools
This role supports active collaboration without administrative authority.
Guest
Restricted collaboration role.
Guests can only join meeting rooms they are invited to.
Guests cannot:
- Create or manage meeting rooms
- Access files
- Access LLM chat
- Perform CRUD actions within the Enclave
- View Activity Logs
External Portal users default to the Guest role inside an Enclave unless reassigned to a higher role within the associated Portal.
Meeting-Room-Guest
Meeting-Room-Guest users receive temporary access to a specific meeting room.
Once the invite time expires, the user loses all access to the Enclave and the ACRA Portal.
This role grants:
- Temporary access to a defined meeting room
- No broader Enclave permissions
It is intended for short-term participation in meetings only.
Role Evaluation Order
Access decisions are evaluated in two stages:
- Portal role determines whether a user can administer the platform or create and join Enclaves.
- Enclave role determines what actions the user can perform inside that Enclave.
Both conditions must be satisfied for an action to succeed.
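The two-stage evaluation above, modelled as a small deny-by-default check (an added example, not ACRA's code or API). The capability names, the `User` class and the handling of a removed Portal account are assumptions made for illustration; the role-to-capability mapping is a simplified reading of the lists on this page.

```python
from dataclasses import dataclass, field
from typing import Optional

# Capability names below are hypothetical labels, not ACRA identifiers.
PORTAL_CAPS = {
    "Maintainer": {"edit_portal_settings", "manage_portal_users",
                   "create_enclave", "join_enclave"},
    "Resident": {"create_enclave", "join_enclave"},
    "External": {"join_enclave"},
}
# Additive sub-roles: only valid on top of Maintainer.
SUBROLE_CAPS = {"Auditor": {"view_portal_logs"}, "Ops": {"use_devops_tools"}}
COLLAB = {"use_apps", "access_files", "llm_chat",
          "create_meeting_room", "join_invited_room"}
ENCLAVE_CAPS = {
    "Owner": COLLAB | {"edit_enclave_settings", "manage_enclave_users",
                       "invite_users", "view_enclave_logs"},
    "Contributor": COLLAB,
    "Guest": {"join_invited_room"},
}

@dataclass
class User:
    name: str
    portal_role: Optional[str]  # None models an account removed from the Portal (assumption)
    subroles: set = field(default_factory=set)
    memberships: dict = field(default_factory=dict)  # enclave id -> Enclave role
    def __post_init__(self):
        if self.subroles and self.portal_role != "Maintainer":
            raise ValueError("Auditor and Ops require the Maintainer role")

def portal_can(user, action):
    """Stage 1: Portal role plus additive sub-roles; an unknown role has no rights."""
    base = PORTAL_CAPS.get(user.portal_role, ())
    return action in set(base).union(*(SUBROLE_CAPS[s] for s in user.subroles))

def enclave_can(user, enclave_id, action):
    """Stage 2 runs only if stage 1 passes; both must allow the action."""
    if not portal_can(user, "join_enclave"):
        return False
    role = user.memberships.get(enclave_id)  # no invitation, no entry
    return role is not None and action in ENCLAVE_CAPS[role]

# Constructed sample users.
alice = User("alice", "Maintainer", subroles={"Auditor"})
bob = User("bob", "Resident", memberships={"enc-1": "Owner"})
carol = User("carol", "External", memberships={"enc-1": "Guest"})
erin = User("erin", None, memberships={"enc-1": "Owner"})  # stale membership
```

Here `alice` holds the highest Portal role yet is denied inside `enc-1` because she was never invited, and `erin` is denied despite a leftover Owner record because the Portal stage fails first.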
How the Layers Work Together
ACRA enforces access in two stages.
- The ACRA Portal role determines platform authority and the ability to create or own Enclaves.
- The Enclave role determines operational permissions inside an Enclave.
This layered model provides:
- Clear separation between governance and execution
- Reduced over-privileging
- Explicit access boundaries
- Audit visibility where required
No role inherits more authority than explicitly assigned. Within the ACRA Portal and its Enclaves, permissions are defined directly rather than implied.