| Application | Access Level | RADA Group | Comments |
|---|---|---|---|
| Used as owner of other groups | Co-owner of all RADA Groups | SSFFCT_ace-admins | This allows users to manage all group which it co-owns. This also allows admin privileges to Terraform Cloud and Grafana |
| ACE OpenSearch | OpenSearch Users | SSFFCT_GCORE-ES-ECDI-PROD-USERS | For access to Infra OS Cluster to search logs |
| ACE OpenSearch | OpenSearch Admins | SSFFCT_GCORE-ES-ECDI-PROD-ADMINS | For admin access to Infra OS Cluster to manage sources and other admin configurations |
| DDC OpenSearch Dev Env | DDC Opensearch Admins - DEV | GLOFCT_ddc-dev-opensearch-admins | For admin access to DDC Opensearch Cluster in the Dev AWS account to manage sources and other admin configurations |
| DDC OpenSearch Dev Env | DDC Opensearch Users - DEV | GLOFCT_ddc-dev-opensearch-user | For DDC users to access to DDC Opensearch Cluster to view logs from the environment in the Dev AWS Account |
| DDC OpenSearch Prod Env | DDC Opensearch Admins - PROD | GLOFCT_ddc-prod-opensearch-admins | For admin access to DDC Opensearch Cluster in the Prod AWS account to manage sources and other admin configurations |
| DDC OpenSearch Prod Env | DDC Opensearch Users - PROD | GLOFCT_ddc-prod-opensearch-user | For DDC users to access to DDC Opensearch Cluster to view logs from the environment in the Prod AWS Account |
| DDC Dev AWS Account | DDC Dev AWS Account Admins | GLOAWSACEDDCDV_Contributors | For administrative console access to the Dev DDC AWS Account |
| DDC Dev AWS Account | DDC Dev AWS Account Read Only | GLOAWSACEDDCDV_Reader | For read only console access to the Dev DDC AWS Account. This includes security auditor access and access to read cloudwatch logs |
| DDC Dev AWS Account | DDC Dev AWS Account Power User | GLOAWSACEDDCDV_PowerUsers | This allows the same permissions as the power user role in AWS, but is limited to only the eu-west-1 region. |
| DDC Prod AWS Account | DDC Prod AWS Account Admins | GLOAWSACEDDCPRD_Contributors | For admin console access to the Prod DDC AWS Account |
| DDC Prod AWS Account | DDC Prod AWS Account Read Only | GLOAWSACEDDCPRD_Readers | For read only console access to the Prod DDC AWS Account. This includes security auditor access and access to read cloudwatch logs |
| DDC Prod AWS Account | DDC Prod AWS Account Power User | GLOAWSACEDDCPRD_PowerUsers | This allows the same permissions as the power user role in AWS, but is limited to only the eu-west-1 region. |
| V7 Application | Group is used to control access to the V7 Workspace for the ECDi ACE AI Team. This group is requestable in CIDM | gene-gred-ecdi-ace-ai-v7ws | The V7 Workspace is called gene gred ecdi ace ai |
| V7 Application | Group is used to control access to the V7 Parent Workspace. This group is NOT requestable in CIDM | genentech-parent-v7ws | The V7 Workspace is called GenentechParent |