> ## Documentation Index
> Fetch the complete documentation index at: https://docs.maia.ai/llms.txt
> Use this file to discover all available pages before exploring further.
# Environment roles
export const maia = "Maia";
There are four environment roles:
* **Owner**
* **Contributor**
* **Operator**
* **Viewer**
You can set one of these roles as the default for an environment. The default role applies to all current and future users who don't have a specific role assigned.
Default environment access is defined in two areas:
* When you [create](/docs/guides/environments#add-an-environment) an environment.
* When you [edit](#editing-an-environments-default-role) an existing environment.
Read [Role permissions](#role-permissions) for details on what each role can do.
Project roles and environment roles are independent of each other. The permissions granted by your project role do not affect the permissions granted by your environment role, and vice versa.
For example, if you have the **Viewer** project role and the **Contributor** environment role, your project role determines what you can do with project variables—you can view them, but you cannot create, update, or delete them. Although you cannot edit project variables due to your project role, your environment role means that you *can* create, edit, and delete environment overrides for project variables in your environment.
***
## Editing an environment's default role
To edit the default role on an environment, use the following steps:
1. In your project, click the **Environments** tab.
2. Click the three dots **...** next to the environment you want to modify.
3. Click **Edit Environment**.
4. Use the **Default environment access** drop-down menu to select the new default role for the intended environment. Choose **Owner**, **Operator**, **Contributor**, or **Viewer**.
***
## Edit user environment role
Any user with the **Owner** role for a project can assign a user's environment role. To do this:
1. In your project, click the **Environments** tab.
2. Click the three dots **...** next to the environment you want to set the role on.
3. Click **Edit user access**.
4. Use the **Access** drop-down menu to choose the access level for the individual user.
To find specific users quickly, search by name or email address.
5. Click **Save**.
The new access will take effect immediately.
***
## Role permissions
The four roles, Owner, Contributor, Operator, and Viewer, have specific permissions for the following features.
* Users assigned the {maia} [Super Admin](/docs/administration/account-roles#roles) role are always granted the **Owner** role for all environments in that account.
* To manage an environment, you must be assigned the **Owner** or **Contributor** role for that environment.
| Capability | Owner | Contributor | Operator | Viewer |
| ---------------------------------------------------------- | ----- | ----------- | -------- | ------ |
| **Pipelines** | | | | |
| Validate | ✅ | ✅ | ❌ | ✅ |
| Sample | ✅ | ✅ | ❌ | ✅ |
| Run unpublished pipelines | ✅ | ✅ | ❌ | ❌ |
| View executions | ✅ | ✅ | ✅ | ✅ |
| Cancel execution | ✅ | ✅ | ✅ | ❌ |
| **Schemas** | | | | |
| View | ✅ | ✅ | ❌ | ✅ |
| **Artifacts** | | | | |
| Publish | ✅ | ✅ | ❌ | ❌ |
| Run published pipelines | ✅ | ✅ | ✅ | ❌ |
| View | ✅ | ✅ | ✅ | ✅ |
| Promote | ✅ | ✅ | ❌ | ❌ |
| Enable/Disable | ✅ | ❌ | ❌ | ❌ |
| **Schedules** | | | | |
| Create | ✅ | ✅ | ✅ | ❌ |
| View | ✅ | ✅ | ✅ | ✅ |
| Update | ✅ | ✅ | ✅ | ❌ |
| Delete | ✅ | ✅ | ✅ | ❌ |
| **Environment Overrides (Project variables, connections)** | | | | |
| Create | ✅ | ✅ | ❌ | ❌ |
| View | ✅ | ✅ | ✅ | ✅ |
| Update | ✅ | ✅ | ❌ | ❌ |
| Delete | ✅ | ✅ | ❌ | ❌ |
| **Lineage** | | | | |
| View | ✅ | ✅ | ✅ | ✅ |
The table above uses the following icons to indicate permission levels for each role.
| Icon | Permission level | Description |
| ---- | ---------------- | ---------------------------------- |
| ✅ | Allowed | A user can perform this action. |
| ❌ | Not allowed | A user cannot perform this action. |