Create or recreate token | N/A | Token | SO (UPDATE) |
Create object | N/A | Public object, except a CA certificate | USER (UPDATE) or SO (READ) |
Create object | N/A | Private object, except a CA certificate | USER (UPDATE) or SO (CONTROL) |
Create object | N/A | Public CA certificate object | USER (CONTROL) or SO (READ) |
Create object | N/A | Private CA certificate object | USER (CONTROL) or SO (CONTROL) |
Copy object | Public object, except a CA certificate | Public object, except a CA certificate | USER (UPDATE) or SO (READ) |
Copy object | Public object or private object, except a CA
certificate | Private object, except a CA certificate | USER (UPDATE) or SO (CONTROL) |
Copy object | Private object, except a CA certificate | Public object, except a CA certificate | USER (UPDATE) |
Copy object | Public object, where source or target or both
are CA certificate objects | Public object, where source or target or both
are CA certificate objects | USER (CONTROL) or SO (READ) |
Copy object | Public object or private object, where source
or target or both are CA certificate objects | Private object, where source or target or both
are CA certificate objects | USER (CONTROL) or SO (CONTROL) or both USER
(UPDATE) and SO (READ) |
Copy object | Private object, where source or target or both
are CA certificate objects | Public object, where source or target or both
are CA certificate objects | USER (CONTROL) or both USER (UPDATE) and SO
(READ) |