# Permission Groups Using the `Permission groups`, you can assign a user to a particular group and a user inherits all the permissions granted to the group. The advantage of the `Permission groups` is to define a set of privileges like create, edit, or delete for the given set of resources that can be shared among the users within the group. {% hint style="info" %} The [User permissions](https://docs.dashboard.devtron.ai/operator-guide/authorization/user-permissions) section for `Specific permissions` contains a drop-down list of all existing groups for which a user has an access. This is an optional field and more than one groups can be selected for a user. {% endhint %} *** ## Add Group Go to **Global Configurations** → **Authorization** → **Permissions groups** → **Add group**. ![](https://devtron-public-asset.s3.us-east-2.amazonaws.com/images/global-configurations/permission-group/add-group-db.jpg) Enter the `Group Name` and `Description`. ![](https://devtron-public-asset.s3.us-east-2.amazonaws.com/images/global-configurations/permission-group/create-group-db.jpg) You can either grant [super-admin](https://docs.dashboard.devtron.ai/operator-guide/user-permissions#role-based-access-levels) permission to a user group or specific permissions to manage access for: * [Helm Apps](#helm-apps-permissions) * [Kubernetes Resources](#kubernetes-resources-permissions) ### Helm Apps Permissions In `Helm Apps` option, you can provide access to a group to manage permission for Helm apps deployed from Devtron or outside Devtron. Provide the information in the following fields: ![](https://devtron-public-asset.s3.us-east-2.amazonaws.com/images/global-configurations/permission-group/group-helmapp-permdb.jpg) | Dropdown | Description | | ------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Project** |

Select a project from the drop-down list to which you want to give permission to the group. You can select only one project at a time.
Note: If you want to select more than one project, then click Add row.

| | **Environment or cluster/namespace** |

Select the specific environment or all existing environments in default cluster from the drop-down list.
Note: If you select all existing + future environments in default cluster option, then a user gets access to all the current environments including any new environment which gets associated with the application later.

| | **Application** |

Select the specific application or all applications from the drop-down list corresponding to your selected Environments.
Note: If All applications option is selected, then a user gets access to all the current applications including any new application which gets associated with the project later
.

| | **Role** |

Select one of the roles to which you want to give permission to the user:

| You can add multiple rows for Devtron app permission. Once you have finished assigning the appropriate permissions for the groups, Click **Save**. ### Kubernetes Resources Permissions In `Kubernetes Resources` option, you can provide permission to view, inspect, manage, and delete resources in your clusters from [Resource Browser](https://docs.dashboard.devtron.ai/user-guide/resource-browser) in Devtron. You can also create resources from Resource Browser. {% hint style="info" %} Only super admin users will be able to see `Kubernetes Resources` tab and provide permission to other users to access `Resource Browser`. {% endhint %} To provide Kubernetes resource permission, click `Add permission`. ![](https://devtron-public-asset.s3.us-east-2.amazonaws.com/images/global-configurations/permission-group/group-resource-permdb1.jpg) On the `Kubernetes resource permission`, provide the information in the following fields: ![](https://devtron-public-asset.s3.us-east-2.amazonaws.com/images/global-configurations/user-access/user-permission/group-resource-permdb2.jpg) | Dropdown | Description | | ----------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Cluster** |

Select a cluster from the drop-down list to which you want to give permission to the user. You can select only one cluster at a time.
Note: To add another cluster, then click Add another.

| | **Namespace** | Select the namespace from the drop-down list. | | **API Group** | Select the specific API group or `All API groups` from the drop-down list corresponding to the K8s resource. | | **Kind** | Select the kind or `All kind` from the drop-down list corresponding to the K8s resource. | | **Resource name** | Select the resource name or `All resources` from the drop-down list to which you want to give permission to the user. | | **Role** |

Select one of the roles to which you want to give permission to the user and click Done:

| You can add multiple rows for Kubernetes resource permission. Once you have finished assigning the appropriate permissions for the groups, Click **Save**. *** ## Edit Permissions Group You can edit the permission groups by clicking the `downward arrow.` ![](https://devtron-public-asset.s3.us-east-2.amazonaws.com/images/global-configurations/permission-group/edit-group-db.jpg) Edit the permission group. ![](https://devtron-public-asset.s3.us-east-2.amazonaws.com/images/global-configurations/permission-group/edit-perm-group.jpg) Once you are done editing the permission group, click **Save**. *** ## Delete Permissions Group If you want to delete a particular permission group, click the delete icon. ![](https://devtron-public-asset.s3.us-east-2.amazonaws.com/images/global-configurations/permission-group/delete-group-db.jpg)