Work with the role component
A role is a set of permissions that you constrain an admin to. There are two types of roles: standard and custom.
You can use the search bar on the Administrators page to search for the user or group. To see a user's profile, go to and search for the user. To see a group's profile, go to and search for the group.
If your organization needs delegated admins, you may need to create roles. Create the role first and then create an admin assignment by selecting the users and resource set that you want to constrain the role to.
-
You can create a maximum of 100 roles for an org.
-
You can only have 1,000 admins who have the same role and resource set combination constrained to them.
Considerations
-
If you want an admin to view all resources but only manage specific resources, create two separate role assignments for the admin. See Best practices for creating a custom role assignment
-
You may have to assign several roles to an admin to constrain different permissions to different resource sets. See Role permissions.
-
You can add conditions to some admin permissions to further limit a role's scope. See Permission conditions.