Docs Cloud Security Authorization Cloud Authorization Authorization There are two types of authorization in Redpanda Cloud: User authorization Use role-based access control (RBAC) to assign users access to specific resources in your Redpanda Cloud organization. For example, you could assign all users with a certain job title read access on the entire organization and write access only on your non-production resource group. You can define roles to reflect organizational structure or job duties. This alleviates the process of manually maintaining and verifying a set of ACLs for a user base that may contain thousands of users. Use Kafka access control lists (ACLs) to grant users permission to perform specific types of operations on specific resources (such as topics, groups, clusters, or transactional IDs). BYOC agent authorization When deploying an agent as part of BYOC cluster provisioning, Redpanda Cloud automatically assigns IAM policies to the agent. The IAM policy permissions granted to the agent provide it the authorization required to fully manage Redpanda Cloud clusters in AWS, Azure, or GCP. IAM policies do not apply or act as deployment permissions, and there are no explicit user actions associated with IAM policies. Rather, IAM policy permissions apply to Redpanda Cloud agents only, and serve to provide Redpanda agents access to AWS, GCP, or Azure clusters so Redpanda brokers can communicate with them. Back to top × Simple online edits For simple changes, such as fixing a typo, you can edit the content directly on GitHub. Edit on GitHub Or, open an issue to let us know about something that you want us to change. Open an issue Contribution guide For extensive content updates, or if you prefer to work locally, read our contribution guide . Was this helpful? thumb_up thumb_down group Ask in the community mail Share your feedback group_add Make a contribution Authorization Role-Based Access Control