Cluster Admin is the highest security clearance. There are no restrictions. A Cluster Admin certificate has admin permissions to all databases. It also has the ability to modify the cluster itself.
The server certificate security clearance is called Cluster Node. The server certificate can also be used as a client certificate, and in that case Cluster Node is equivalent to Cluster Admin in terms of permissions.
The following operations are allowed only for Cluster Admin certificates:
All cluster operations
Manage Cluster Admin certificates
Replace and renew server certificates
Use the Admin JS Console
Activate or update the license
Get SNMP used OIDs
A client certificate with an Operator security clearance has admin access to all databases
but is unable to modify the cluster. It cannot perform operations such as
add/remove/promote/demote nodes from the cluster. This is useful in a hosted solution
(such as RavenDB Cloud). If you are running on your own machines, you'll typically ignore
that level in favor of Cluster Admin or User.
The following operations are allowed for both Operator and Cluster Admin certificates and are not allowed for User certificates:
Operations on databases (put, delete, enable, disable)
Manage Operator and User certificates
Enable and disable an ongoing task
Define External Replication
Create and delete RavenDB ETL and SQL ETL
View cluster observer logs
View admin logs
Gather local and cluster debug info (process, memory, cpu, threads)
Use the traffic watch
Put cluster-wide client configuration (Max number of requests per session, Read balance behavior)
Get the database record
Manage database groups in the cluster
Restore databases from backup
Perform database and index compaction
Get server metrics (request/sec, indexed/sec, batch size, etc.)
Get remote server build info
A client certificate with a User security clearance cannot perform any admin operations at the cluster level.
Unlike the other clearance levels, a User client certificate can grant different access levels to different databases.
These access levels are, from highest to lowest: Admin, Read/Write, Read Only.
If no access level is defined for a particular database, the certificate doesn't grant access to that database at all.
The following operations are permitted at the Admin access level but not for Read/Write or Read Only:
Operations on indexes (put, delete, start, stop, enable and disable)
Solve replication conflicts
Configure revisions and delete revision documents
Create backups and define periodic backups
Operations on connection strings (put, get, delete)
Put client configuration for the database (Max number of requests per session, Read balance behavior)
Get transaction info
Perform SQL migration
A User certificate with a Read/Write access level can perform all operations except for those listed above in the 'Admin' and 'Operator' sections.
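The clearance rules above can be turned into a least-privilege review of a certificate inventory. The following is an added example, not RavenDB code or a RavenDB API: the inventory format, certificate names and database names are constructed for illustration, and only the clearance and access-level names come from this page.

```python
from enum import IntEnum

class Access(IntEnum):
    # Per-database access levels, lowest to highest; NONE models "no access level defined".
    NONE = 0
    READ_ONLY = 1
    READ_WRITE = 2
    ADMIN = 3

# Clearances described above as having admin access to all databases.
ALL_DB_ADMIN = {"Cluster Admin", "Cluster Node", "Operator"}
# Clearances that can modify the cluster itself (Cluster Node when used as a client certificate).
CAN_MODIFY_CLUSTER = {"Cluster Admin", "Cluster Node"}

def effective_access(cert, database):
    """Access level a certificate grants on one database."""
    if cert["clearance"] in ALL_DB_ADMIN:
        return Access.ADMIN
    if cert["clearance"] == "User":
        # A User certificate with no entry for a database grants no access to it.
        return cert.get("permissions", {}).get(database, Access.NONE)
    raise ValueError(f"unknown clearance: {cert['clearance']!r}")

def audit(cert, needs_cluster, needed, databases):
    """Return findings where the certificate grants more than the stated need."""
    findings = []
    if cert["clearance"] in CAN_MODIFY_CLUSTER and not needs_cluster:
        findings.append("can modify the cluster but does not need to")
    for db in databases:
        granted = effective_access(cert, db)
        required = needed.get(db, Access.NONE)
        if granted > required:
            findings.append(f"{db}: grants {granted.name}, needs {required.name}")
    return findings

# Constructed sample inventory (hypothetical names, not real certificates).
DATABASES = ["orders", "billing"]
CERTS = {
    "reporting-app": {"clearance": "User", "permissions": {"orders": Access.READ_ONLY}},
    "web-app": {"clearance": "Operator"},
    "node-a-server-cert": {"clearance": "Cluster Node"},
}

if __name__ == "__main__":
    for name, cert in CERTS.items():
        print(name, audit(cert, False, {"orders": Access.READ_ONLY}, DATABASES))
```

An empty findings list means the certificate grants nothing beyond the stated need; an Operator or Cluster Node certificate issued to an application that only reads one database is flagged on every database.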