# Managing user permission roles
<a name="adding-users-groups"></a>

As an AWS Supply Chain administrator, you can either use the default user permission roles or create custom permission roles. AWS Supply Chain has the following default user permission roles: 
+ **Administrator** – Access to create, view, and manage all data and user permissions.
+ **Data Analyst** – Access to create, view, and manage all data connections.
+ **Inventory Manager** – Access to create, view, and manage Insights.
+ **Demand Planner** – Access to create, view and manage forecasts, overrides, and publish demand plans.
+ **Partner Data Manager** – Access to manage and view partners, manage and view data requests, and view sustainability data.
+ **Supply Planner** – Access to manage and view supply plans.

**Note**  
As an AWS Supply Chain administrator, before you add users, note the following:  
Each default user permission role is defined with a set of permissions. You can add users to default user permission roles or create custom permission roles.
A user can only be assigned to one user permission role.
You cannot edit or delete default user permission roles.
When you edit a custom permission role you created, the permissions for all the users under the custom permission role are updated.
When you delete a custom permission role you created, all the users under the custom permission role will lose access to AWS Supply Chain.
Adding groups is not supported in AWS Supply Chain.

**Topics**
+ [

# Adding users
](adding-new-users.md)
+ [

# Updating user permissions
](permission-roles.md)
+ [

# Deleting users
](deleting-users.md)
+ [

# Creating custom user permission roles
](create-new-permission-roles.md)

# Adding users
<a name="adding-new-users"></a>

As an AWS Supply Chain administrator, you can add users to access the AWS Supply Chain web application. Users first must be added to IAM Identity Center (IdC), and then they can be added to AWS Supply Chain. For more information about adding users to IdC, see [Assign user access](https://docs.aws.amazon.com/singlesignon/latest/userguide/get-started-assign-account-access-user.html). 

 Once users have been added to IdC, follow these steps to add an user. 

1. Choose the **Settings** icon on the AWS Supply Chain dashboard.

1. Select **Users and Permissions**.

1. Select **Users**, Users. The **Manage Users** page appears.

1. Select **Add New User**. The **Add User** page appears.

1. Select the user from the **Add user(s)** drop-down menu.

1. Select the role for the user from the under **Select role** drop-down menu.

1. Select **Add**.

# Updating user permissions
<a name="permission-roles"></a>

To update the user permission role for the current AWS Supply Chain users, follow these steps.

1. On the AWS Supply Chain dashboard, from the left navigation pane, choose the **Settings** icon. 

1. Choose **Permissions**, and then choose **Users**.

   The **Manage Users** page appears.

1. On the **Manage Users** page, select the user or group that you want to update the user permission role for, and from the **Permissions Role** dropdown menu, select one of the permission roles.
**Note**  
Depending on the role permissions you assign, the AWS Supply Chain dashboard is customized. For more information, see [Creating custom user permission roles](create-new-permission-roles.md).

1. Choose **Save**.

# Deleting users
<a name="deleting-users"></a>

As an AWS Supply Chain administrator, you can delete users from the AWS Supply Chain web application. Follow these steps to delete users.

1. On the AWS Supply Chain dashboard, from the left navigation pane, choose the **Settings** icon.

1. Choose **Permissions**, and then choose **Users**.

   The **Manage Users** page appears.

1. On the **Manage Users** page, select the user that you want to delete and choose the **Delete** icon.

# Creating custom user permission roles
<a name="create-new-permission-roles"></a>

In addition to default user permission roles, you can create custom user permission roles to include multiple permission roles and add specific locations and products. Follow these steps to create new permission roles.

1. On the AWS Supply Chain dashboard, from the left navigation pane, choose the **Settings** icon. Choose **Permissions**, and then choose **Permission Roles**.

   The **Permission Roles** page appears.

1. Choose **Create New Role**.

1. On the **Manage Permission Role** page, under **Role Name**, enter a name.

1. Move the slider to select the user permission role.
   + **Manage** – Assigning users with manage permission can add, edit, and manage information.
   + **View** – Assigning users with view permission can only view the current information.

1. 
**Note**  
 You can only choose the products and locations under **Location Access** and **Product Access** if your instance is connected to a data source. For example, you can create a custom Admin user just to manage avocados in the Seattle location, or an Insight user just to manage the insights for avocados in the Seattle location.

   Under **Location Access**, search for the Regions as you type in the search bar and select the Regions.

1. Under **Product Access**, search for the products as you type in the search bar and select the products.

1. Choose **Save**.