| ms.subservice | ms.author | author | ms.topic | ms.date |
|---|---|---|---|---|
azure-devops-security |
chcomley |
chcomley |
include |
02/28/2022 |
The following table lists the permissions assigned at the organization or collection level. All permissions, except for Make requests on behalf of others, are granted to members of the Project Collection Administrators group. For more information, see Permissions and groups reference, Groups.
:::row:::
:::column span="":::
General
- Alter trace settings
- Create new projects
- Delete team project
- Edit instance-level information
- View instance-level information
**Service Account**
- Make requests on behalf of others
- Trigger events
- View system synchronization information
**Boards**
:::column span="":::
::: moniker range=">= azure-devops-2019"
- Administer process permissions
- Create process
- Delete field from organization or account
- Delete process
- Edit process
::: moniker-end
**Repos** (TFVC)
- Administer shelved changes
- Administer workspaces
- Create a workspace
:::column-end:::
:::column span="":::
Pipelines
::: moniker range=">= azure-devops-2019"
- Administer build resource permissions
- Manage build resources
- Manage pipeline policies
- Use build resources
- View build resources
::: moniker-end
**Test Plans**
- Manage test controllers
::: moniker range="azure-devops"
**Auditing**
- Delete audit streams
- Manage audit streams
- View audit log
::: moniker-end
::: moniker range=">= azure-devops-2019"
**Policies**
- Manage enterprise policies
::: moniker-end
:::column-end::: :::row-end:::