An overview on the permission structure for Cognito and RONIN.


There are two types of permissions that work together to ensure the right level of access for all of your RONIN users:

  1. Cognito Groups
  2. RONIN Project Groups

RONIN obtains user access tokens and top level groups from Cognito.

Cognito can be connected to third party identity providers such as Google, Facebook, OpenID and SAML.



As a member of the RONIN Admin group, I can…

  • Create projects and assign users to them.
  • Monitor project budgets and pause projects if necessary.
  • Configure the pre-configured software in the create machine workflow.
  • Do everything a RONIN Lower Admin can do.

RONIN Lower Admin (previously RONIN Trial Admin)

As a member of the RONIN Lower Admin group, I can…

  • Access the Budget Management and Machine List screen
  • Monitor project budgets and pause projects if necessary for the projects I am a member of.
  • Do everything a RONIN User can do.


As a member of the RONIN User group, I can...

  • Login to RONIN using my account sync'd from a connected Active directory or sent to me by RONIN.
  • Be found in a RONIN user search.
  • Access and/or administer projects that have been assigned to me
  • Log out.


Project Admin

As a Project Admin within a RONIN project, I can...

  • Modify permissions for other users within my project, including adding additional Project Admins, Users, Viewer.
  • Modify Project settings including project budget.
  • Do everything a Project User can do.

Project User

As a Project User within a RONIN project, I can…

  • Launch, start, stop and terminate instances within my project.
  • Choose the size of the machine I want to launch.
  • Attach additional storage to my project’s instances.
  • Backup my project’s storage.
  • Package my research infrastructure to reproduce or share my work within my project.
  • Create, manage and delete object storage. (s3)
  • Do everything a Project View can do.

Project View

As a Project Viewer within a RONIN project, I can...

  • Search for projects I have access to.
  • View the project dashboard.