New Feature

  • Introducing a new dedicated role (credential_viewer) for view-only permissions on RightScale's Credentials feature. You no longer have to grant admin role to view credentials. The credential_viewer role can be assigned to users at an organization level (all accounts), as well as to individual accounts, like other Governance roles.


Changes in Behavior

  • To increase visibility around billing center level permissions, users with enterprise_manager role can use Governance to see the list of billing centers a user has access to with the ability to easily navigate to them.

Changes in Behavior

  • Introducing new frictionless way to manage users, groups, and accounts in bulk. Governance users can now switch the view to update multiple users, roles, accounts, and groups seamlessly.

    Users Page

    Groups Page

    Accounts Page

New Features

  • Governance users can now download a detailed user role report (CSV), broken down by accounts, for better visibility as well as auditing.

    Enterprise Manager's View


    Admin's View


Changes in Behavior

  • Fixed an intermittent bug causing admins to see lack privileges screen on login or navigating from Cloud Management.

Changes in Behavior

  • Reduce confusion for Enterprise Managers by hiding users, with no roles, from the accounts view.
  • Performance improvements by reducing amount of network requests.

New Features

  • Enterprise Managers now have the option to navigate to the Invitations Page directly from the Users page.


Changes in Behavior

  • New UI loading indicator while the page is loading the data.
  • Improved usability around new user invite flow by reducing the number of clicks it takes to get to the Invite page.

Changes in Behavior

  • To provide more context to the users, who belong to a single organization, Governance will now show the organization name in the UI. Previously, the organization name only appeared for users affiliated with multiple organizations.

New Features

  • Enterprise Managers can now seamlessly remove a user, including all it's roles, from the organization.


Changes in Behavior

  • Security bug fix to ensure that access token can not be generated by a terminated instance.

New Features

  • You can now create user groups with special characters.
  • Usability improvement to reduce number of clicks and time to value by making Roles as the default tab.


Changes in Behavior

  • Bug fix around user roles were not reflecting all inherited roles.
  • Bug fix where incorrect message was displayed if a user only had roles inherited from the organization level.

New Features

Announcing General Availability of the new Governance application, located within the RightScale product dropdown, to provide enhanced identity access management (IAM). With features like User Groups, Role Inheritance, Full Audit entries etc, users with role enterprise_managers and admins will get greater control over the user's permissions.


  • Organizations: Organization is new concept we have introduced to help you manage multiple accounts within your company. For existing customers, we have automatically created an Organization based on your master account.

  • Groups: Organize users into Groups based on your organizational needs or other criteria and assign specific roles to the Groups.

  • Role inheritance: Inheritance is a powerful feature for assigning Roles at the top level, say organization, and then cascading it down to the Group/Account/User level. Roles granted at the organization level will automatically appear at the account level.

  • Audit Entries: Gain visibility into which users are making changes to your cloud resources.

  • New Self-Service User types: New granular roles (ss_end_user, ss_designer, ss_observer) for the Self-Service application designed to give you complete flexibility. Learn more Self-Service User types

Changes in Behavior

  • Cloud Management User tab, for managing permissions, is now moved under the new Governance application to allow you to manage user permissions in one place.

  • API support for provisioning Self-Service users: Self-Service roles (ss_end_user, ss_designer, ss_observer) can now be assigned via the API 1.5. Learn more about Inviting Self-Service users.

  • With the new Self-Service user types, you can now grant Cloud Management and Self-Service roles independently of each other giving you more control over the platform.