diff --git a/docs/api/access-keys.md b/docs/api/access-keys.md
index 20826596ec..50200c26dc 100644
--- a/docs/api/access-keys.md
+++ b/docs/api/access-keys.md
@@ -33,6 +33,6 @@ The [Access Keys](/docs/manage/security/access-keys) Management API allows you t
-* Security
+* [Security](/docs/manage/users-roles/roles/role-capabilities/#security)
* Create Access Keys
* Manage Access Keys
diff --git a/docs/api/account-management.md b/docs/api/account-management.md
index 90a7785cd2..1f89ae75bd 100644
--- a/docs/api/account-management.md
+++ b/docs/api/account-management.md
@@ -33,5 +33,5 @@ The Account Management API allows you to manage the custom subdomain for the URL
## Required role capabilities
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* View Account Overview
diff --git a/docs/api/app-management.md b/docs/api/app-management.md
index 17c5242d5d..693ee0ced6 100644
--- a/docs/api/app-management.md
+++ b/docs/api/app-management.md
@@ -31,5 +31,5 @@ View and install Sumo Logic applications that deliver out-of-the-box dashboards,
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Apps
diff --git a/docs/api/archive-ingestion.md b/docs/api/archive-ingestion.md
index abb824b3b9..ddb811f266 100644
--- a/docs/api/archive-ingestion.md
+++ b/docs/api/archive-ingestion.md
@@ -37,6 +37,6 @@ You need the [Manage or View Collectors role capability](/docs/manage/users-role
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Collectors
* View Collectors
diff --git a/docs/api/cloud-siem-enterprise.md b/docs/api/cloud-siem-enterprise.md
index a46ce4d9f8..9860e20e6d 100644
--- a/docs/api/cloud-siem-enterprise.md
+++ b/docs/api/cloud-siem-enterprise.md
@@ -24,4 +24,4 @@ The [Cloud SIEM](/docs/cse) API allows you to create and manage Entities, Custom
-* Cloud SIEM (all role capabilities)
+* [Cloud SIEM](/docs/manage/users-roles/roles/role-capabilities/#cloud-siem) (all role capabilities)
diff --git a/docs/api/cloud-soar.md b/docs/api/cloud-soar.md
index 80c133261c..bf41094268 100644
--- a/docs/api/cloud-soar.md
+++ b/docs/api/cloud-soar.md
@@ -38,4 +38,4 @@ For more information, see [Legacy Cloud SOAR APIs](/docs/cloud-soar/legacy/legac
-* Cloud SOAR (all role capabilities)
+* [Cloud SOAR](/docs/manage/users-roles/roles/role-capabilities/#cloud-soar) (all role capabilities)
diff --git a/docs/api/connections-management.md b/docs/api/connections-management.md
index 3993e9d83b..9af4e31135 100644
--- a/docs/api/connections-management.md
+++ b/docs/api/connections-management.md
@@ -34,6 +34,6 @@ Connections Management APIs let you set up connections to send alerts to third-p
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* View Connections
* Manage Connections
diff --git a/docs/api/content-management.md b/docs/api/content-management.md
index 7a3dbce214..fee89fae49 100644
--- a/docs/api/content-management.md
+++ b/docs/api/content-management.md
@@ -33,5 +33,5 @@ The Content Management API allows you to manage content in your organization’s
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Content
diff --git a/docs/api/content-permissions.md b/docs/api/content-permissions.md
index d174010418..e18e06df9c 100644
--- a/docs/api/content-permissions.md
+++ b/docs/api/content-permissions.md
@@ -33,9 +33,9 @@ The Content Permissions API allows you to share your folders, searches, and dash
-* Dashboards (all)
-* Data Management
+* [Dashboards](/docs/manage/users-roles/roles/role-capabilities/#dashboards) (all)
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Content
-* Security
+* [Security](/docs/manage/users-roles/roles/role-capabilities/#security)
* Change Data Access Level
* Manage Share Dashboards Outside of Organization
diff --git a/docs/api/dashboard.md b/docs/api/dashboard.md
index 3861d66dca..a63341260f 100644
--- a/docs/api/dashboard.md
+++ b/docs/api/dashboard.md
@@ -33,4 +33,4 @@ The Dashboard Management APIs allow you to create, retrieve, update, and delete
-* Dashboards (all capabilities)
+* [Dashboards](/docs/manage/users-roles/roles/role-capabilities/#dashboards) (all capabilities)
diff --git a/docs/api/data-deletion-rules.md b/docs/api/data-deletion-rules.md
index 86fddb97f7..03ee692879 100644
--- a/docs/api/data-deletion-rules.md
+++ b/docs/api/data-deletion-rules.md
@@ -39,6 +39,7 @@ Data Deletion Rules allow you to quickly and easily request the removal of inges
-* Review Deletion Requests
-* Manage Deletion Requests
-* View Deletion Requests
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
+ * Review Deletion Requests
+ * Manage Deletion Requests
+ * View Deletion Requests
diff --git a/docs/api/dynamic-parsing.md b/docs/api/dynamic-parsing.md
index 3acf433d51..55c3847b90 100644
--- a/docs/api/dynamic-parsing.md
+++ b/docs/api/dynamic-parsing.md
@@ -33,7 +33,7 @@ The Dynamic Parsing Management API allows you to configure Run Time Field Extrac
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Field Extraction Rules
* Manage Fields
* View Field Extraction Rules
diff --git a/docs/api/field-extraction-rules.md b/docs/api/field-extraction-rules.md
index 216d27484f..bb0ab7976c 100644
--- a/docs/api/field-extraction-rules.md
+++ b/docs/api/field-extraction-rules.md
@@ -33,7 +33,7 @@ The Field Extraction Rules (FER) Management API allows you to configure FERs fro
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Field Extraction Rules
* Manage Fields
* View Field Extraction Rules
diff --git a/docs/api/field-management.md b/docs/api/field-management.md
index 7f26186a67..3ca7752b55 100644
--- a/docs/api/field-management.md
+++ b/docs/api/field-management.md
@@ -33,7 +33,7 @@ The Field Management API allows you to configure fields from HTTP endpoints. Fie
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Field Extraction Rules
* Manage Fields
* View Field Extraction Rules
diff --git a/docs/api/folder-management.md b/docs/api/folder-management.md
index 62396e6228..d7cb281b43 100644
--- a/docs/api/folder-management.md
+++ b/docs/api/folder-management.md
@@ -33,5 +33,5 @@ The Folder Management API allows you to add folders and subfolders to the [Libra
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Content
diff --git a/docs/api/health-events.md b/docs/api/health-events.md
index bf4334e663..1b9a0a704a 100644
--- a/docs/api/health-events.md
+++ b/docs/api/health-events.md
@@ -34,6 +34,6 @@ The [Health Events](/docs/manage/health-events) Management API allows you to vie
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Collectors
* View Collectors
diff --git a/docs/api/ingest-budget-v2.md b/docs/api/ingest-budget-v2.md
index 1efede2bc1..2afdee7482 100644
--- a/docs/api/ingest-budget-v2.md
+++ b/docs/api/ingest-budget-v2.md
@@ -44,7 +44,7 @@ Ingest Budget Management V1 APIs have been removed and are no longer supported.
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Ingest Budgets
To manage ingest budgets, you must have the **Manage Ingest Budgets** role capability. Enabling this will automatically enable the **Manage Collectors** capability. The Manage Collectors capability on its own permits the re-assignment of budgets to different Collectors, but not creating or deleting them. For more information, see [Ingest Budgets](/docs/manage/ingestion-volume/ingest-budgets).
diff --git a/docs/api/log-search-estimated-usage.md b/docs/api/log-search-estimated-usage.md
index 2f1f8929d6..e8927a7d60 100644
--- a/docs/api/log-search-estimated-usage.md
+++ b/docs/api/log-search-estimated-usage.md
@@ -35,7 +35,7 @@ In the Infrequent Data Tier and Flex, you pay per query, based on the amount of
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Download Search Results
* Manage Data Volume Feed
* View Collectors
diff --git a/docs/api/log-searches.md b/docs/api/log-searches.md
index a68df04026..4552b475ca 100644
--- a/docs/api/log-searches.md
+++ b/docs/api/log-searches.md
@@ -35,6 +35,6 @@ Whether you're running ad hoc searches during a forensic investigation or runnin
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Download Search Results
* View Collectors
diff --git a/docs/api/logs-data-forwarding.md b/docs/api/logs-data-forwarding.md
index d70540774a..ef0ce33a76 100644
--- a/docs/api/logs-data-forwarding.md
+++ b/docs/api/logs-data-forwarding.md
@@ -33,7 +33,7 @@ The Logs Data Forwarding Management API allows you to forward log data from a Pa
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Partitions
* Manage S3 Data Forwarding
* Manage Scheduled Views
diff --git a/docs/api/lookup-tables.md b/docs/api/lookup-tables.md
index 03a71bbe46..94396846b0 100644
--- a/docs/api/lookup-tables.md
+++ b/docs/api/lookup-tables.md
@@ -33,7 +33,7 @@ The Lookup Management API allows you to manage [Lookup Tables](/docs/search/look
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Download Search Results
* Manage Content
* View Collectors
diff --git a/docs/api/metrics-query.md b/docs/api/metrics-query.md
index b9b19a0fae..03ce213598 100644
--- a/docs/api/metrics-query.md
+++ b/docs/api/metrics-query.md
@@ -58,4 +58,4 @@ A metric query consists of a metric, one or more filters, and optionally, one or
-* Metrics (all role capabilities)
+* [Metrics](/docs/manage/users-roles/roles/role-capabilities/#metrics) (all role capabilities)
diff --git a/docs/api/metrics-searches-v2.md b/docs/api/metrics-searches-v2.md
index 8f6eb25e52..7a15cf8d75 100644
--- a/docs/api/metrics-searches-v2.md
+++ b/docs/api/metrics-searches-v2.md
@@ -35,4 +35,4 @@ Use Metrics Search Management APIs V2 to save metrics searches in the content li
-* Metrics (all role capabilities)
+* [Metrics](/docs/manage/users-roles/roles/role-capabilities/#metrics) (all role capabilities)
diff --git a/docs/api/metrics-searches.md b/docs/api/metrics-searches.md
index 8e30522d13..34e3c9be44 100644
--- a/docs/api/metrics-searches.md
+++ b/docs/api/metrics-searches.md
@@ -35,4 +35,4 @@ Use Metrics Search Management APIs to save metrics searches in your content libr
-* Metrics (all role capabilities)
+* [Metrics](/docs/manage/users-roles/roles/role-capabilities/#metrics) (all role capabilities)
diff --git a/docs/api/metrics-transformation-rules.md b/docs/api/metrics-transformation-rules.md
index 4bbf7b9ea3..1207ca7e3f 100644
--- a/docs/api/metrics-transformation-rules.md
+++ b/docs/api/metrics-transformation-rules.md
@@ -31,4 +31,4 @@ Metrics Transformation Rules APIs allow you control how long raw metrics are ret
-* Metrics (all role capabilities)
+* [Metrics](/docs/manage/users-roles/roles/role-capabilities/#metrics) (all role capabilities)
diff --git a/docs/api/monitors-management.md b/docs/api/monitors-management.md
index 1a200c56c9..67fba561ee 100644
--- a/docs/api/monitors-management.md
+++ b/docs/api/monitors-management.md
@@ -33,4 +33,4 @@ The Monitor Management API allows you to manage Monitors from HTTP endpoints. Mo
-* Alerting (all role capabilities)
+* [Alerting](/docs/manage/users-roles/roles/role-capabilities/#alerting) (all role capabilities)
diff --git a/docs/api/muting-schedules.md b/docs/api/muting-schedules.md
index 8b7f2b35be..a15f61b554 100644
--- a/docs/api/muting-schedules.md
+++ b/docs/api/muting-schedules.md
@@ -33,4 +33,4 @@ The Muting Schedules Management API allows you to pause alert notifications from
-* Alerting (all role capabilities)
+* [Alerting](/docs/manage/users-roles/roles/role-capabilities/#alerting) (all role capabilities)
diff --git a/docs/api/organizations-management.md b/docs/api/organizations-management.md
index 06830a4327..ac54e1d40b 100644
--- a/docs/api/organizations-management.md
+++ b/docs/api/organizations-management.md
@@ -35,4 +35,4 @@ With the Organizations Management API, you can get the credits usage details of
-* Organizations (all role capabilities)
+* [Organizations](/docs/manage/users-roles/roles/role-capabilities/#organizations) (all role capabilities)
diff --git a/docs/api/partition-management.md b/docs/api/partition-management.md
index e5078ffdd1..e272ff0d11 100644
--- a/docs/api/partition-management.md
+++ b/docs/api/partition-management.md
@@ -33,6 +33,6 @@ The Partitions Management API allows you to improve search performance by search
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Partitions
* View Partitions
diff --git a/docs/api/password-policy.md b/docs/api/password-policy.md
index 2e61f90575..be7b0d4884 100644
--- a/docs/api/password-policy.md
+++ b/docs/api/password-policy.md
@@ -33,5 +33,5 @@ The Password Policy Management API allows you to manage the [password policy](/d
-* Security
+* [Security](/docs/manage/users-roles/roles/role-capabilities/#security)
* Manage Password Policy
diff --git a/docs/api/policies-management.md b/docs/api/policies-management.md
index e5c30c274b..fdbc50fddd 100644
--- a/docs/api/policies-management.md
+++ b/docs/api/policies-management.md
@@ -33,4 +33,4 @@ The Policies Management API allows you to control the security and share setting
-* Security (all role capabilities)
+* [Security](/docs/manage/users-roles/roles/role-capabilities/#security) (all role capabilities)
diff --git a/docs/api/role-management-v2.md b/docs/api/role-management-v2.md
index bd1f681b14..8d2364051f 100644
--- a/docs/api/role-management-v2.md
+++ b/docs/api/role-management-v2.md
@@ -75,4 +75,4 @@ For example, consider you are interested in querying upon audit logs with change
-* User Management (all role capabilities)
+* [User Management](/docs/manage/users-roles/roles/role-capabilities/#user-management) (all role capabilities)
diff --git a/docs/api/role-management.md b/docs/api/role-management.md
index aeebb0b57a..bf4e1e4ada 100644
--- a/docs/api/role-management.md
+++ b/docs/api/role-management.md
@@ -35,4 +35,4 @@ To manage roles, you must have an administrator role or your role must have been
-* User Management (all role capabilities)
+* [User Management](/docs/manage/users-roles/roles/role-capabilities/#user-management) (all role capabilities)
diff --git a/docs/api/saml-configuration.md b/docs/api/saml-configuration.md
index 7e87a3cd3b..97975794da 100644
--- a/docs/api/saml-configuration.md
+++ b/docs/api/saml-configuration.md
@@ -33,5 +33,5 @@ The [SAML Configuration](/docs/manage/security/saml/set-up-saml) Management API
-* Security
+* [Security](/docs/manage/users-roles/roles/role-capabilities/#security)
* Manage SAML
diff --git a/docs/api/scan-budget.md b/docs/api/scan-budget.md
index e3080adfbc..7623bfa9f0 100644
--- a/docs/api/scan-budget.md
+++ b/docs/api/scan-budget.md
@@ -38,7 +38,7 @@ The Scan Budget Management APIs allows you to manage scan budgets from HTTP endp
-* Usage Management
+* [Usage Management](/docs/manage/users-roles/roles/role-capabilities/#usage-management)
* View Usage Management
* Manage Usage Management
diff --git a/docs/api/scheduled-views.md b/docs/api/scheduled-views.md
index da3e008157..88d9690434 100644
--- a/docs/api/scheduled-views.md
+++ b/docs/api/scheduled-views.md
@@ -33,6 +33,6 @@ The [Scheduled View](/docs/manage/scheduled-views) Management API allows you to
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Scheduled Views
* View Scheduled Views
diff --git a/docs/api/scim-user.md b/docs/api/scim-user.md
index 12564dad7e..41c1456c5b 100644
--- a/docs/api/scim-user.md
+++ b/docs/api/scim-user.md
@@ -34,5 +34,5 @@ The SCIM User Management API allows you to provision users to Sumo Logic from [S
-* User Management (all role capabilities)
+* [User Management](/docs/manage/users-roles/roles/role-capabilities/#user-management) (all role capabilities)
diff --git a/docs/api/search-job.md b/docs/api/search-job.md
index e9798e640b..fe61c6026f 100644
--- a/docs/api/search-job.md
+++ b/docs/api/search-job.md
@@ -35,10 +35,10 @@ The Search Job API is available to Enterprise accounts.
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Download Search Results
* View Collectors
-* Security
+* [Security](/docs/manage/users-roles/roles/role-capabilities/#security)
* Manage Access Keys
diff --git a/docs/api/service-accounts.md b/docs/api/service-accounts.md
index 94d40e8841..5f88e27931 100644
--- a/docs/api/service-accounts.md
+++ b/docs/api/service-accounts.md
@@ -34,6 +34,6 @@ The Service Accounts API allows you to manage service accounts. [Service account
-* User Management (all role capabilities)
+* [User Management](/docs/manage/users-roles/roles/role-capabilities/#user-management) (all role capabilities)
Only administrators can create service accounts. If you are unsure whether you are an administrator, you can view your role in **Preferences** (see [Onboarding Checklists](/docs/get-started/onboarding-checklists/)).
diff --git a/docs/api/service-allowlist.md b/docs/api/service-allowlist.md
index 65c7a8b65f..be53aeb709 100644
--- a/docs/api/service-allowlist.md
+++ b/docs/api/service-allowlist.md
@@ -33,5 +33,5 @@ The [Service Allowlist](/docs/manage/security/create-allowlist-ip-cidr-addresses
-* Security
+* [Security](/docs/manage/users-roles/roles/role-capabilities/#security)
* Allowlist IP Addresses
diff --git a/docs/api/service-map.md b/docs/api/service-map.md
index 5317d09e4c..f739ba34c6 100644
--- a/docs/api/service-map.md
+++ b/docs/api/service-map.md
@@ -40,7 +40,7 @@ Tracing APIs give you the ability to browse and execute queries for traces and s
-* Security
+* [Security](/docs/manage/users-roles/roles/role-capabilities/#security)
* Allowlist IP Addresses
## Endpoints for API access
diff --git a/docs/api/slo-management.md b/docs/api/slo-management.md
index 5884a42c1c..3c8d98b8bf 100644
--- a/docs/api/slo-management.md
+++ b/docs/api/slo-management.md
@@ -33,6 +33,6 @@ With the SLO Management API, you can monitor and set up alerts on KPIs for your
-* Reliability Management
+* [Reliability Management](/docs/manage/users-roles/roles/role-capabilities/#reliability-management)
* Manage SLOs
* View SLOs
diff --git a/docs/api/span-analytics.md b/docs/api/span-analytics.md
index 0e0635d895..d44e33887d 100644
--- a/docs/api/span-analytics.md
+++ b/docs/api/span-analytics.md
@@ -41,7 +41,7 @@ Select the documentation link for your deployment:
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Download Search Results
* View Collectors
diff --git a/docs/api/threat-intel-ingest.md b/docs/api/threat-intel-ingest.md
index a25e45a7be..72dedd76ef 100644
--- a/docs/api/threat-intel-ingest.md
+++ b/docs/api/threat-intel-ingest.md
@@ -38,6 +38,6 @@ For more information about threat intelligence, see [About Sumo Logic Threat Int
-* Threat Intel
+* [Threat Intel](/docs/manage/users-roles/roles/role-capabilities/#threat-intel)
* View Threat Intel Data Store
* Manage Threat Intel Data Store
diff --git a/docs/api/token-management.md b/docs/api/token-management.md
index 15ad9c5b7a..ef70d0d176 100644
--- a/docs/api/token-management.md
+++ b/docs/api/token-management.md
@@ -33,5 +33,5 @@ The Tokens Management API allows you to manage [Installation Tokens](/docs/manag
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Manage Tokens
diff --git a/docs/api/tracing.md b/docs/api/tracing.md
index 9caf7ec992..ccf4da6d37 100644
--- a/docs/api/tracing.md
+++ b/docs/api/tracing.md
@@ -39,7 +39,7 @@ Tracing APIs give you the ability to browse and execute queries for traces and s
-* Data Management
+* [Data Management](/docs/manage/users-roles/roles/role-capabilities/#data-management)
* Download Search Results
* View Collectors
diff --git a/docs/api/user-management.md b/docs/api/user-management.md
index e5f23ba340..da8c58235a 100644
--- a/docs/api/user-management.md
+++ b/docs/api/user-management.md
@@ -33,4 +33,4 @@ The User Management API allows you to [manage user accounts](/docs/manage/users-
-* User Management (all role capabilities)
+* [User Management](/docs/manage/users-roles/roles/role-capabilities/#user-management) (all role capabilities)
diff --git a/docs/manage/users-roles/roles/role-capabilities.md b/docs/manage/users-roles/roles/role-capabilities.md
index 5db2a64d65..25dc2fa66b 100644
--- a/docs/manage/users-roles/roles/role-capabilities.md
+++ b/docs/manage/users-roles/roles/role-capabilities.md
@@ -4,258 +4,319 @@ title: Role Capabilities
description: Assign any of these capabilities when you create user roles.
---
+import ApiCreateRole from '../../../reuse/api-create-role.md';
-Following are the capabilities you can assign when you [create roles](create-manage-roles.md).
+Following are the capabilities you can assign when you [create roles](create-manage-roles.md).
+
+:::note
+If you use the [createRoleV2 API](https://api.sumologic.com/docs/#operation/createRoleV2) to create a role, enter the corresponding role capability value in the `capabilities` parameter of the API as indicated in the tables below.
+:::
## Data Management
-| Capability | Description |
-| :-- | :-- |
-| View Collectors | View collectors and sources that have already been installed or added.|
-| Manage Collectors | [View and manage](/docs/send-data) installed and hosted collectors as well as sources. |
-| Manage Ingest Budgets | Allows you to manage [ingest budgets](/docs/manage/ingestion-volume/ingest-budgets). Enabling this will automatically enable the Manage Collectors capability. The Manage Collectors capability on its own permits the re-assignment of budgets to different collectors, but not creating or deleting them.|
-| Manage Data Volume Feed | Enable and manage the [data volume index](/docs/manage/ingestion-volume/data-volume-index) for your account to avoid exceeding your data limits, and to determine when you need to upgrade your account.|
-| View Field Extraction Rules | View [field extraction rules](/docs/manage/field-extractions/create-field-extraction-rule), which accelerate your search process by automatically parsing fields as log messages are ingested.|
-| View Fields | View [fields](/docs/manage/fields), which are custom metadata fields you can assign to logs.|
-| Manage Fields | Manage fields. Note that if you grant a role the Manage Fields capability, users with that role will also have the View Fields and View Field Extraction Rules capabilities.|
-| Manage Field Extraction Rules | Manage [field extractions](/docs/manage/field-extractions), which speed the search process by automatically parsing fields as log messages are ingested. Note that if you grant a role the Manage Field Extraction Rules capability, users with that role will also have the Manage Fields, View Fields, and View Field Extraction Rules capabilities.|
-| Manage S3 and GCS Data Forwarding | Manage [S3 and GCS data forwarding](/docs/manage/data-forwarding/forward-data-from-sumologic) from Sumo Logic to an S3 or GCS bucket.|
-| Manage Content | Manage the content for your organization. This provides access to [Admin Mode](/docs/manage/content-sharing/admin-mode) in the Library.|
-| Manage Apps | Install and manage [apps](/docs/integrations). |
-| Manage Connections | Manage the [connections](/docs/alerts/webhook-connections/) that allow you to send alerts to other tools. |
-| View Connections | View [connections](/docs/alerts/webhook-connections/) on the **Connections** page. |
-| View Scheduled Views | [View Scheduled Views](/docs/manage/scheduled-views).|
-| Manage Scheduled Views | View, create, edit, and delete Scheduled Views. Note that if you grant a role the Manage Schedule Views capability, users with that role will also have View Scheduled Views capability.|
-| View Partitions | View [partitions](/docs/manage/partitions).|
-| Manage Partitions | View, create, edit, and delete partitions. Note that if you grant a role the Manage Partitions capability, users with that role will also have View Partitions and Manage S3 Data Forwarding capabilities.|
-| View Account Overview | View the Account Overview page.|
-| Manage Tokens | Manage [Installation Tokens](/docs/manage/security/installation-tokens).|
-| View Parsers | View [parsers](/docs/cse/schema/parser-editor).|
-| Download Search Results | [Export log query results](/docs/search/get-started-with-search/search-basics/export-search-results) to a .csv file.|
+| Capability | Description | |
+| :-- | :-- | :-- |
+| View Collectors | View collectors and sources that have already been installed or added. | `viewCollectors` |
+| Manage Collectors | [View and manage](/docs/send-data) installed and hosted collectors as well as sources. | `manageCollectors` |
+| Manage Ingest Budgets |Allows you to manage [ingest budgets](/docs/manage/ingestion-volume/ingest-budgets). Enabling this will automatically enable the Manage Collectors capability. The Manage Collectors capability on its own permits the re-assignment of budgets to different collectors, but not creating or deleting them. | `manageBudgets` |
+| Manage Data Volume Feed|Enable and manage the [data volume index](/docs/manage/ingestion-volume/data-volume-index) for your account to avoid exceeding your data limits, and to determine when you need to upgrade your account. | `manageDataVolumeFeed` |
+| View Field Extraction Rules | View [field extraction rules](/docs/manage/field-extractions/create-field-extraction-rule), which accelerate your search process by automatically parsing fields as log messages are ingested. | `viewFieldExtraction` |
+| View Fields | View [fields](/docs/manage/fields), which are custom metadata fields you can assign to logs. | `viewFields` |
+| Manage Fields | Manage fields. Note that if you grant a role the Manage Fields capability, users with that role will also have the View Fields and View Field Extraction Rules capabilities. | `manageFields` |
+| Manage Field Extraction Rules | Manage [field extractions](/docs/manage/field-extractions), which speed the search process by automatically parsing fields as log messages are ingested. Note that if you grant a role the Manage Field Extraction Rules capability, users with that role will also have the Manage Fields, View Fields, and View Field Extraction Rules capabilities. | `manageFieldExtractionRules` |
+| Manage S3 Data Forwarding| Manage [S3 data forwarding](/docs/manage/data-forwarding/forward-data-from-sumologic) from Sumo Logic to an S3 bucket. | `manageS3DataForwarding` |
+| Manage Content| Manage the content for your organization. This provides access to [Admin Mode](/docs/manage/content-sharing/admin-mode) in the Library. | `manageContent` |
+| Manage Apps |Install and manage [apps](/docs/integrations). | `manageApps` |
+| Manage Connections | Manage the [connections](/docs/alerts/webhook-connections/) that allow you to send alerts to other tools. | `manageConnections` |
+| View Connections | View [connections](/docs/alerts/webhook-connections/) on the **Connections** page. | `viewConnections` |
+| View Views | [View Scheduled Views](/docs/manage/scheduled-views). | `viewScheduledViews` |
+| Manage Views | View, create, edit, and delete Scheduled Views. Note that if you grant a role the Manage Scheduled Views capability, users with that role will also have View Scheduled Views capability. | `manageScheduledViews` |
+| View Partitions | View [partitions](/docs/manage/partitions). | `viewPartitions` |
+| Manage Partitions | View, create, edit, and delete partitions. Note that if you grant a role the Manage Partitions capability, users with that role will also have View Partitions and Manage S3 Data Forwarding capabilities. | `managePartitions` |
+| View Account Overview| View the Account Overview page. | `viewAccountOverview` |
+| Manage Tokens | Manage [Installation Tokens](/docs/manage/security/installation-tokens). | `manageTokens` |
+| View Parsers | View [parsers](/docs/cse/schema/parser-editor). | `viewParsers` |
+| Download Search Results | [Export log query results](/docs/search/get-started-with-search/search-basics/export-search-results) to a .csv file. | `downloadSearchResults` |
+| Access Data Volume Index | Access the [`sumologic_volume` index](/docs/metrics/metrics-dpm/#query-the-sumologic_volume-index). | `dataVolumeIndex` |
+
+
## Entity Management
-| Capability | Description |
-| :-- | :-- |
-| Manage Entity Type Configs | Reserved for internal use. |
+| Capability | Description | |
+| :-- | :-- | :-- |
+| Manage Entity Type Configs | Reserved for internal use. | `manageEntityTypeConfig` |
## Metrics
-| Capability | Description |
-| :-- | :-- |
-| Manage Metrics Transformation Rules | Create, edit, or delete [metrics transformation rules](/docs/metrics/metrics-transformation-rules).|
-| Manage Logs-to-Metrics | Create, edit, or delete [Logs-to-Metrics](/docs/metrics/logs-to-metrics) rules.|
-| Manage Metrics Rules | Create, edit, or delete [metrics rules](/docs/metrics/metric-rules-editor/).|
+| Capability | Description | Corresponding value in the *capabilities* field of the [createRoleV2 API](https://api.sumologic.com/docs/#operation/createRoleV2) |
+| :-- | :-- | :-- |
+| Manage Metrics Transformation Rules | Create, edit, or delete [metrics transformation rules](/docs/metrics/metrics-transformation-rules). | `metricsTransformation` |
+| Manage Logs-to-Metrics | Create, edit, or delete [Logs-to-Metrics](/docs/metrics/logs-to-metrics) rules. | `metricsExtraction` |
+| Manage Metrics Rules | Create, edit, or delete [metrics rules](/docs/metrics/metric-rules-editor/). | `metricsRules` |
## Security
-| Capability | Description |
-| :-- | :-- |
-| Manage Password Policy | Set the password policy for your Sumo Logic account.|
-| Allowlist IP Addresses | [Explicitly grant access](/docs/manage/security/create-allowlist-ip-cidr-addresses) to specific IP addresses or address ranges.|
-| Create Access Keys | Create your own [access keys](/docs/manage/security/access-keys/).|
-| Manage Access Keys | Set up, activate, deactivate, or delete access keys for your organization.|
-| Manage Support Account Access | Enable management of the Sumo Logic [support account](/docs/manage/security/enable-support-account) for your organization.|
-| Manage Audit Data Feed | Enable and manage the [Audit Index](/docs/manage/security/audit-indexes/audit-index), which provides information on the internal events that occur in your account associated with account management, user activity, and scheduled searches.|
-| Manage SAML | Provision and manage [SAML](/docs/manage/security/saml) for single sign-on to your Sumo Logic accounts.|
-| Manage Share Dashboards Outside of Organization | [Share a dashboard](/docs/dashboards/share-dashboard-outside-org/) with users who do not have access to Sumo Logic.|
-| Manage Organization Settings | Configure a [concurrent user sessions limit](/docs/manage/security/set-limit-user-concurrent-sessions) and enable the [Data Access Level for Shared Dashboards](/docs/manage/security/data-access-level-shared-dashboards/) security policy.|
-| Change Data Access Level | Change the [data access level of dashboards](/docs/dashboards/set-data-access-level/) or scheduled searches to which they have edit or manage permission.|
+| Capability | Description | |
+| :-- | :-- | :-- |
+| Manage Password Policy|Set the password policy for your Sumo Logic account. | `managePasswordPolicy` |
+|Allowlist IP Addresses | [Explicitly grant access](/docs/manage/security/create-allowlist-ip-cidr-addresses) to specific IP addresses or address ranges. | `ipAllowlisting` |
+| Create Access Keys | Create your own [access keys](/docs/manage/security/access-keys/). | `createAccessKeys` |
+| Manage Access Keys |Set up, activate, deactivate, or delete access keys for your organization. | `manageAccessKeys` |
+| Manage Support Account Access |Enable management of the Sumo Logic [support account](/docs/manage/security/enable-support-account) for your organization. | `manageSupportAccountAccess` |
+| Manage Audit Data Feed|Enable and manage the [Audit Index](/docs/manage/security/audit-indexes/audit-index), which provides information on internal events. | `manageAuditDataFeed` |
+| Manage SAML|Provision and manage [SAML](/docs/manage/security/saml) for single sign-on. | `manageSAML` |
+| Manage Share Dashboards Outside Organization | [Share a dashboard](/docs/dashboards/share-dashboard-outside-org/) with users who do not have Sumo Logic access. | `shareDashboardOutsideOrg` |
+| Manage Organization Settings | Configure concurrent session limits and the Data Access Level for Shared Dashboards security policy. | `manageOrgSettings` |
+|Change Data Access Level|Change the [data access level](/docs/dashboards/set-data-access-level/) of dashboards or scheduled searches. | `changeDataAccessLevel` |
## Dashboards
-| Capability | Description |
-| :-- | :-- |
-| Share Dashboards with the world | [Share dashboards](/docs/dashboards/share-dashboard-outside-org) in view-only mode with no login required. Anyone with the URL can view the dashboard without logging in.|
-| Share Dashboards with your allowlist | [Share dashboards](/docs/dashboards/share-dashboard-new/) in view-only mode with no login required. Viewers must be connecting from IP addresses specified in your [service allowlist](/docs/manage/security/create-allowlist-ip-cidr-addresses).|
-
+| Capability | Description | |
+| :-- | :-- | :-- |
+| Share Dashboards with the World | [Share dashboards](/docs/dashboards/share-dashboard-outside-org) in view-only mode with no login required. | `shareDashboardWorld` |
+| Share Dashboards with the Allowlist | [Share dashboards](/docs/dashboards/share-dashboard-new/) in view-only mode; viewers must be on your service allowlist. | `shareDashboardAllowlist` |
## User Management
-| Capability | Description |
-| :-- | :-- |
-| Manage Users And Roles | Access the web app pages to manage [users](/docs/manage/users-roles/users) and [roles](/docs/manage/users-roles/roles).|
+| Capability | Description | |
+| :-- | :-- | :-- |
+| Manage Users And Roles | Access the UI pages to manage [users](/docs/manage/users-roles/users) and [roles](/docs/manage/users-roles/roles). | `manageUsersAndRoles` |
+
+## Audit Event Management
+
+| Capability | Description | |
+| :-- | :-- | :-- |
+| Access Search Audit Events | View and download audit logs of search queries executed in the UI. | `searchAuditIndex` |
+| Access Audit Events | View and download audit logs of admin and config events. | `auditEventIndex` |
## Automation Service
-| Capability | Description |
-| :-- | :-- |
-| Task View | See tasks in [playbooks](/docs/platform-services/automation-service/playbooks/). |
-| Task Access | Access your tasks in [playbooks](/docs/platform-services/automation-service/playbooks/).|
-| Task Access all | Access all user tasks in [playbooks](/docs/platform-services/automation-service/playbooks/). |
-| Task Edit | Configure tasks in [playbooks](/docs/platform-services/automation-service/playbooks/). |
-| Task Reassign | Assign tasks in [playbooks](/docs/platform-services/automation-service/playbooks/) to users. |
-| App Central Access | View [App Central](/docs/platform-services/automation-service/automation-service-app-central/). |
-| App Central Export | Export contents of integrations and playbooks from [App Central](/docs/platform-services/automation-service/automation-service-app-central/). |
-| Integrations Access | View [integrations](/docs/platform-services/automation-service/automation-service-integrations/). |
-| Integrations Configure | Create and edit [integrations](/docs/platform-services/automation-service/automation-service-integrations/). |
-| Playbooks Access | View [playbooks](/docs/platform-services/automation-service/playbooks/). |
-| Playbooks Configure | Create and edit [playbooks](/docs/platform-services/automation-service/playbooks/). |
-| Bridge Monitoring Access | Monitor [Bridge](/docs/platform-services/automation-service/automation-service-bridge/) operations. |
-| Observability Access | [Access automation](/docs/platform-services/automation-service/about-automation-service/#where-you-can-run-automations) in the Sumo Logic SaaS Log Analytics Platform. |
-| Observability Configure | Create and edit automation in the Sumo Logic SaaS Log Analytics Platform. |
+| Capability | Description | |
+| :-- | :-- | :-- |
+| Task View | See tasks in [playbooks](/docs/platform-services/automation-service/playbooks/). | `cloudSoarIncidentTaskView` |
+| Task Access | Access your tasks in playbooks. | `cloudSoarIncidentTaskAccess` |
+| Task Access All| Access all user tasks in playbooks. | `cloudSoarIncidentTaskAccessAll` |
+| Task Edit| Configure tasks in playbooks. | `cloudSoarIncidentTaskEdit` |
+| Task Reassign | Assign tasks in playbooks to users. | `cloudSoarIncidentTaskReassign` |
+| App Central Access | View [App Central](/docs/platform-services/automation-service/automation-service-app-central/). | `cloudSoarAppCentralAccess` |
+| App Central Export | Export integrations and playbooks from App Central. | `cloudSoarAppCentralExport` |
+| Integrations Access | View [integrations](/docs/platform-services/automation-service/automation-service-integrations/). | `cloudSoarIntegrationsAccess` |
+| Integrations Configure| Create and edit integrations. | `cloudSoarIntegrationsConfigure` |
+| Playbooks Access | View playbooks. | `cloudSoarPlaybooksAccess` |
+| Playbooks Configure| Create and edit playbooks. | `cloudSoarPlaybooksConfigure` |
+| Bridge Monitoring Access |Monitor Bridge operations. | `cloudSoarBridgeMonitoringAccess` |
+| Observability Access | Access automation in the SaaS Log UI. | `cloudSoarObservabilityAccess` |
+| Observability Configure | Create and edit automation in the Sumo Logic SaaS Log Analytics Platform. | `cloudSoarObservabilityManagement` |
## Alerting
-Folder-level permissions are available if your org has fine-grained Monitor permissions enabled. If you'd like to use this feature, contact Sumo Logic Support to have it enabled.
+| Capability | Description | |
+| :-- | :-- | :-- |
+| View Monitors |If folder perms are enabled, view folders & monitors you have access to. | `viewMonitorsV2` |
+| Manage Monitors | Create folders & monitors, grant perms, and (with folder perms) full CRUD on folders you control. | `manageMonitorsV2` |
+|Admin Monitors |With folder perms, full CRUD & grant on all folders & monitors. | `adminMonitorsV2` |
+| View Alerts | View alerts on the [Alert page](/docs/alerts/monitors/alert-response). | `viewAlerts` |
+| View Muting Schedules | View [Muting Schedules](/docs/alerts/monitors/muting-schedules). | `viewMutingSchedules` |
+| Manage Muting Schedules | Create, edit, and delete Muting Schedules. | `manageMutingSchedules` |
-| Capability | Description |
-| :-- | :-- |
-| View Monitors | If [monitors folder permissions](/docs/alerts/monitors/settings/#monitor-folder-permissions) are enabled for your org, users with this capability can view folders on the [Monitors](/docs/alerts/monitors) page to which they've been granted View access, and the Monitors contained in those folders.|
-| Manage Monitors | Users with this capability can create new folders and [monitors](/docs/alerts/monitors), and grant other roles permissions to the folders they create. If [monitors folder permissions](/docs/alerts/monitors/settings/#monitor-folder-permissions) are enabled for your org, users with this capability can also create, edit, delete, update and grant permissions to folders to which another user has granted them those permissions.|
-| Admin Monitors | If [monitors folder permissions](/docs/alerts/monitors/settings/#monitor-folder-permissions) are enabled for your org, users with this capability have full access (Create, Edit, Delete, Update, and grant permissions) to ALL folders and monitors on the Monitors page. This is similar to the Content Administrator capability of the Content Library.|
-| View Alerts | View alerts on the [Alert page](/docs/alerts/monitors/alert-response).|
-| View Muting Schedules | Required for viewing the [Muting Schedules](/docs/alerts/monitors/muting-schedules) page and schedule definitions.|
-| Manage Muting Schedules | Required for creating, editing, and deleting Muting Schedules.|
+
-| Capability | Description |
-| :-- | :-- |
-| View SLOs | View [Service Level Objectives (SLOs)](/docs/observability/reliability-management-slo/create-slo/). |
-| Manage SLOs | Create, edit, and delete SLOs.|
+## Usage Management
-## Organizations
+| Capability | Description | |
+| :-- | :-- | :-- |
+| View Usage Management | View [usage management](/docs/manage/manage-subscription/scan-budgets/). | `viewUsageManagement` |
+| Manage Usage Management | Manage usage management. | `manageBudgets` |
+
+## Reliability Management
-| Capability | Description |
-| :-- | :-- |
-| View Organizations | View the [Organizations](/docs/manage/manage-subscription/create-and-manage-orgs/create-manage-orgs) UI.|
-| Create Organizations | Create and provision child organizations.|
-| Change Credits Allocation | Change the credits allocation for a child organization.|
-| Create Trial Organizations | Create trial organizations. (For Sumo Logic Service Providers only.)|
-| Upgrade Trial Organizations | Upgrade trial organizations. (For Sumo Logic Service Providers only.)|
-| Deactivate Organizations | Deactivate trial organizations. (For Sumo Logic Service Providers only.)|
+| Capability | Description | |
+| :-- | :-- | :-- |
+| View SLOs | View [Service Level Objectives (SLOs)](/docs/observability/reliability-management-slo/create-slo/). | `viewSlos` |
+| Manage SLOs | Create, edit, and delete SLOs. | `manageSlos` |
## Threat Intel
-| Capability | Description |
-| :-- | :-- |
-| View Threat Intel Data Store | View the [Threat Intelligence](/docs/security/threat-intelligence/about-threat-intelligence/) tab. |
-| Manage Threat Intel Data Store | Create, edit, and delete threat intelligence sources on the [Threat Intelligence](/docs/security/threat-intelligence/about-threat-intelligence/) tab. |
-## Cloud SOAR
+| Capability | Description | |
+| :-- | :-- | :-- |
+| View Threat Intel Data Store | View the [Threat Intelligence](/docs/security/threat-intelligence/about-threat-intelligence/) tab. | `viewThreatIntelDataStore` |
+| Manage Threat Intel Data Store | Create, edit, and delete threat intel sources. | `manageThreatIntelDataStore` |
-[Cloud SOAR](/docs/cloud-soar/) capabilities appear in the Roles UI only if Cloud SOAR has been enabled for your account.
+
+
+
+
+## Organizations
+
+| Capability | Description | |
+| :-- | :-- | :-- |
+| View Organizations | View the [Organizations](/docs/manage/manage-subscription/create-and-manage-orgs/create-manage-orgs) UI. | `viewOrganizations` |
+| Create Organizations | Create and provision child organizations. | `createOrganizations` |
+| Change Credits Allocation | Change the credits allocation for a child organization. | `changeCreditsAllocation` |
+| Create Trial Organizations | Create trial organizations (Service Providers only). | `createTrialOrganizations` |
+| Upgrade Trial Organizations | Upgrade trial organizations (Service Providers only). | `upgradeTrialOrganizations` |
+| Deactivate Organizations | Deactivate trial organizations (Service Providers only). | `deactivateOrganizations` |
+
+## Cloud SOAR
+
+[Cloud SOAR](/docs/cloud-soar/) capabilities appear in the roles UI only if Cloud SOAR has been enabled for your account.
:::info
-This section only applies to organizations having a legacy Cloud SOAR instance URL matching the pattern `*.soar.sumologic.com`.
+This section is for our Cloud SOAR SaaS version. If you have a legacy Cloud SOAR instance URL matching the pattern `*.soar.sumologic.com`, see [Legacy Cloud SOAR](#legacy-cloud-soar).
:::
-| Capability | Description |
-| :-- | :-- |
-| View Cloud SOAR | Users with a role that grants this capability will see a **Cloud SOAR** link in the left-nav bar of the Sumo Logic UI. |
-| Settings General | Access Cloud SOAR settings. |
-| Configure | Configure Cloud SOAR. |
+| Capability category | Capability | Description| |
+| :-- | :-- | :-- |:--|
+|View Cloud SOAR||Show “Cloud SOAR” link in nav.| `viewCloudSoar`|
+|Incident|View|View all [incidents](/docs/cloud-soar/incidents-triage/).|`cloudSoarIncidentView`|
+|Incident|Access|Access your incidents.|`cloudSoarIncidentAccess`|
+|Incident|Access All|Access all incidents.|`cloudSoarIncidentAccessAll`|
+|Incident|Edit|Create, edit, delete incidents.|`cloudSoarIncidentEdit`|
+|Incident|Bulk Operations|Manage incident bulk operations.|`cloudSoarIncidentBulkOperations`|
+|Incident|Manage Investigators|Assign/remove investigators.|`cloudSoarIncidentManageInvestigators`|
+|Incident|Change Ownership|Change incident ownership.|`cloudSoarIncidentChangeOwnership`|
+|Triage|View|View all [triage](/docs/cloud-soar/incidents-triage/).|`cloudSoarIncidentTriageView`|
+|Triage|Access|Access your triage events.|`cloudSoarIncidentTriageAccess`|
+|Triage|Access All|Access all triage events.|`cloudSoarIncidentTriageAccessAll`|
+|Triage|Change Ownership|Change triage ownership.|`cloudSoarIncidentTriageChangeOwnership`|
+|Triage|Edit|Create, edit, delete triage events.|`cloudSoarIncidentTriageEdit`|
+|Triage|Bulk Physical Delete|Bulk-delete triage events.|`cloudSoarIncidentTriageBulkPhysicalDelete`|
+|Folders|Edit|Create, edit, delete playbook folders.|`cloudSoarIncidentFoldersEdit`|
+|Attachments|Access|View attachments.|`cloudSoarIncidentAttachmentsAccess`|
+|Attachments|Edit|Create, edit, delete attachments.|`cloudSoarIncidentAttachmentsEdit`|
+|Incident Playbook|Access|View playbooks.|`cloudSoarIncidentPlaybooksAccess`|
+|Incident Playbook|Edit|Create, edit, delete playbooks.|`cloudSoarIncidentPlaybooksEdit`|
+|Incident Playbook|Manage|Manage playbook lifecycle.|`cloudSoarIncidentPlaybooksManage`|
+|Note|Access|View notes.|`cloudSoarIncidentNotesAccess`|
+|Note|Edit|Create, edit, delete notes.|`cloudSoarIncidentNotesEdit`|
+|War Room|Use|Participate in War Room.|`cloudSoarIncidentWarRoomUse`|
+|Settings General|Configure|Configure global settings.|`cloudSoarGeneralConfigure`|
+|User Management|Groups|Manage groups.|`cloudSoarUserManagementGroups`|
+|Notification|Configure|Configure notifications.|`cloudSoarNotificationConfigure`|
+|Customization|Logo|Customize logo.|`cloudSoarCustomizationLogo`|
+|Customization|Fields|Customize fields.|`cloudSoarCustomizationFields`|
+|Customization|Incident Labels|Customize incident labels.|`cloudSoarCustomizationIncidentLabels`|
+|Customization|Triage|Customize triage UI.| `cloudSoarNotificationTriage` |
+|Audit & Info|License Information|View license audit info.|`cloudSoarAuditAndInformationLicenseInformation`|
+|Audit & Info|Audit Trail|View audit trail.|`cloudSoarAuditAndInformationAuditTrail`|
+|Audit & Info|Configure Audit Trail|Configure audit trail.|`cloudSoarAuditAndInformationConfigureAuditTrail`|
+|API|Use|Use the Cloud SOAR API.|`cloudSoarAPIUse`|
+|API|API Admin|Administer Cloud SOAR API.| `cloudSoarAPIAdmin` |
+|API|Email Read|Read email artifacts.|`cloudSoarAPIEmailRead`|
+|API|Email Edit|Create, edit, delete email artifacts.|`cloudSoarAPIEmailEdit`|
+|Incident Templates|Access|View incident templates.|`cloudSoarIncidentTemplatesAccess`|
+|Incident Templates|Configure|Configure incident templates.|`cloudSoarIncidentTemplatesConfigure`|
+|Automation Rules|Access|View automation rules.|`cloudSoarAutomationRulesAccess`|
+|Automation Rules|Configure|Configure automation rules.|`cloudSoarAutomationRulesConfigure`|
+|Entities|Access|View entities.|`cloudSoarEntitiesAccess`|
+|Entities|Manage|Create, edit, delete entities.|`cloudSoarEntitiesManage`|
+|Entities|Bulk Physical Delete|Bulk-delete entities.|`cloudSoarEntitiesBulkPhysicalDelete`|
+|Report|Access|View reports.|`cloudSoarReportAccess`|
+|Report|Access All|Access all reports.|`cloudSoarReportAll`|
+|Dashboard|Access|View dashboards.|`cloudSoarDashboardAccess`|
+|Dashboard|Access All|Access all dashboards.|`cloudSoarDashboardAll`|
+|Widgets|Use All|Use all widgets.|`cloudSoarWidgetsAll`|
+
+### Legacy Cloud SOAR
+
+| Capability | Description |
+| :-- | :-- |
+| View Cloud SOAR|Show “Cloud SOAR” link in nav (legacy URL). |
+| Settings General| Configure legacy settings. |
+| Configure|Update legacy configuration. |
## Cloud SIEM
-[Cloud SIEM](/docs/cse/) capabilities only appear in the Roles UI if Cloud SIEM has been [enabled](/docs/cse/get-started-with-cloud-siem/onboarding-checklist-cse/#provision-cloud-siem) for your account. For more information about how to assign Cloud SIEM capabilities, see [Cloud SIEM User Accounts and Roles](/docs/cse/administration/cse-user-accounts-and-roles/).
+[Cloud SIEM](/docs/cse/) features only show if enabled.
-| Capability category | Capability | Description |
+| Capability| Description | |
+| :-- | :-- | :-- |
+|View Cloud SIEM|Show “Cloud SIEM” link in nav.|`viewCse`|
+
+### Insights
+
+| Capability| Description | |
+| :-- | :-- | :-- |
+|Comment on Insights|Add comments to [Insights](/docs/cse/get-started-with-cloud-siem/about-cse-insight-ui).|`cseCommentOnInsights`|
+|Create Insights|Create new Insights.|`cseCreateInsights`|
+|Delete Insights|Delete existing Insights.|`cseDeleteInsights`|
+|Invoke Insights Actions|Run an [Action](/docs/cse/administration/create-cse-actions) on an Insight.|`cseInvokeInsights`|
+|Manage Insight Assignee|Change who’s assigned to an Insight.|`cseManageInsightAssignee`|
+|Manage Insight Signals|Add/remove Signals on an Insight.|`cseManageInsightSignals`|
+|Manage Insight Status|Change an Insight’s status.|`cseManageInsightStatus`|
+|Manage Insight Tags|Add/delete [tags](/docs/cse/records-signals-entities-insights/tags-insights-signals-entities-rules).|`cseManageInsightTags`|
+
+### Content
+
+| Capability| Description | |
+| :-- | :-- | :-- |
+|View Rules|View [rules](/docs/cse/rules/about-cse-rules).|`cseViewRules`|
+|Manage Rules|Create, edit, delete rules.|`cseManageRules`|
+|View Threat Intelligence|View [threat intel sources](/docs/cse/administration/create-custom-threat-intel-source).|`cseViewThreatIntelligence`|
+|Manage Threat Intelligence|Create, edit, delete threat intel sources.|`cseManageThreatIntelligence`|
+|View Match Lists|View [Match Lists](/docs/cse/match-lists-suppressed-lists/create-match-list).|`cseViewMatchLists`|
+|Manage Match Lists|Create, edit, delete Match Lists.|`cseManageMatchLists`|
+|View File Analysis|View [YARA rules](/docs/cse/rules/import-yara-rules).|`cseViewFileAnalysis`|
+|Manage File Analysis|Create, edit, delete YARA rules.|`cseManageFileAnalysis`|
+|View Custom Insights|View [custom Insights](/docs/cse/records-signals-entities-insights/configure-custom-insight).|`cseViewCustomInsights`|
+|Manage Custom Insights|Create, edit, delete custom insights.|`cseManageCustomInsights`|
+|View Network Blocks|View [network blocks](/docs/cse/administration/create-use-network-blocks).|`cseViewNetworkBlocks`|
+|Manage Network Blocks|Create, edit, delete network blocks.|`cseManageNetworkBlocks`|
+|View Suppressed Entities|View [suppressed entities](/docs/cse/records-signals-entities-insights/about-signal-suppression).|`cseViewSuppressedEntities`|
+|Manage Suppressed Entities|Suppress/unsuppress entities.|`cseManageSuppressedEntities`|
+
+### Configuration
+
+| Capability| Description | |
| :-- | :-- | :-- |
-| View Cloud SIEM | | Users with a role that grants this capability will see a **Cloud SIEM** link in the left-nav bar of the Sumo Logic UI. When a user clicks on the link, the Cloud SIEM [Heads-Up Display (HUD)](/docs/cse/get-started-with-cloud-siem/cse-heads-up-display/) will open. |
-| Insights | Comment on Insights | Add comments to [Insights](/docs/cse/get-started-with-cloud-siem/about-cse-insight-ui). |
-| Insights | Create Insights | Create Insights.|
-| Insights | Delete Insights | Delete Insights.|
-| Insights | Invoke Insights Actions | Choose and run an [Action](/docs/cse/administration/create-cse-actions) from the Actions menu for an Insight.|
-| Insights | Manage Insight Assignee | Change the user that is assigned to an Insight.|
-| Insights | Manage Insight Signals | Add Signals to Insights; remove Signals from Insights.|
-| Insights | Manage Insight Status | Change the status of an Insight.|
-| Insights | Manage Insight Tags | Add and delete [tags](/docs/cse/records-signals-entities-insights/tags-insights-signals-entities-rules) assigned to Insights.|
-| Content | View Rules | View Cloud SIEM [rules](/docs/cse/rules/about-cse-rules).|
-| Content | Manage Rules | Create, edit, and delete Cloud SIEM rules.|
-| Content | View Threat Intelligence | View [threat intel sources](/docs/cse/administration/create-custom-threat-intel-source) in Cloud SIEM.|
-| Content | Manage Threat Intelligence | Create, edit, and delete threat intel sources.|
-| Content | View Match Lists | View [Match Lists](/docs/cse/match-lists-suppressed-lists/create-match-list).|
-| Content | Manage Match Lists | Create, edit, and delete Match Lists.|
-| Content | View File Analysis | View [file analysis (YARA) rules](/docs/cse/rules/import-yara-rules).|
-| Content | Manage File Analysis | Create, edit, and delete file analysis (YARA) rules.|
-| Content | View Custom Insights | View [custom Insight](/docs/cse/records-signals-entities-insights/configure-custom-insight) configurations.|
-| Content | Manage Custom Insights | Create, edit, and delete custom Insight configurations.|
-| Content | View Network Blocks | View [network blocks](/docs/cse/administration/create-use-network-blocks).|
-| Content | Manage Network Blocks | Create, edit, and delete network blocks.|
-| Content | View Suppressed Entities | View [suppressed](/docs/cse/records-signals-entities-insights/about-signal-suppression) Entities.|
-| Content | Manage Suppressed Entities | Suppress and unsuppress Entities.|
-| Configuration | View Mappings | View [log mappings](/docs/cse/schema/create-structured-log-mapping) and [ingest mappings](/docs/cse/ingestion/sumo-logic-ingest-mapping).|
-| Configuration | Manage Mappings | Create, edit, and delete log mappings and ingest mappings.|
-| Configuration | View Workflow | View Insight [detection settings](/docs/cse/records-signals-entities-insights/set-insight-generation-window-threshold), [custom Insight statuses](/docs/cse/administration/manage-custom-insight-statuses), [custom Insight resolutions](/docs/cse/administration/manage-custom-insight-resolutions), and [tag schemas](/docs/cse/administration/create-a-custom-tag-schema).|
-| Configuration | Manage Workflow | Create, edit, and delete Insight detection settings, custom Insight statuses and resolutions, and tag schemas.|
-| Configuration | View Context Actions | View [Context Actions](/docs/cse/administration/create-cse-context-actions).|
-| Configuration | Manage Context Actions | Create, edit, and delete Context Actions.|
-| Configuration | View Actions | View [Actions](/docs/cse/administration/create-cse-actions).|
-| Configuration | Manage Actions | Create, edit, and delete Actions.|
-| Configuration | View Enrichments | View [Enrichments](/docs/cse/integrations/enrichments-and-indicators).|
-| Configuration | Manage Enrichments | Upload Insight, Signal, and Entity enrichments using the Cloud SIEM API.|
-| Configuration | View Custom Entity Types | View [custom Entity types](/docs/cse/records-signals-entities-insights/create-custom-entity-type).|
-| Configuration | Manage Custom Entity Types | Create, edit, and delete custom Entity types.|
-| Configuration | View Entity | View [Entities](/docs/cse/records-signals-entities-insights/view-manage-entities).|
-| Configuration | Manage Entity | Create, edit, and delete Entities. |
-| Configuration | View Entity Normalization | View the configurations on Cloud SIEM’s [Domain Normalization](/docs/cse/schema/username-and-hostname-normalization) page.|
-| Configuration | Manage Entity Normalization | Update the configurations on Cloud SIEM’s Domain Normalization page.|
-| Configuration | View Entity Criticality | View [Entity Criticalities](/docs/cse/records-signals-entities-insights/entity-criticality).|
-| Configuration | Manage Entity Criticality | Create, edit, and delete Entity Criticalities.|
-| Configuration | View Tag Schemas | View [tag schemas](/docs/cse/administration/create-a-custom-tag-schema).|
-| Configuration | Manage Tag Schemas | Create, edit, and delete schema key tags, which can be attached to Insights, Signals, Entities, and Rules.|
-| Configuration | Manage Favorite Fields | Add and remove favorite fields by clicking the star icon next to the fields in Cloud SIEM Records.|
-| Configuration | View Entity Groups | View [Entity Groups](/docs/cse/records-signals-entities-insights/create-an-entity-group).|
-| Configuration | Manage Entity Groups | Create, edit, and delete Entity Groups.|
-| Configuration | View Automations | View [automations](/docs/cse/automation/automations-in-cloud-siem/). |
-| Configuration | Manage Automations | Create, edit, and delete automations. |
-| Configuration | Execute Automations | Run automations. |
+|View Mappings|View [mappings](/docs/cse/schema/create-structured-log-mapping).|`cseViewMappings`|
+|Manage Mappings|Create, edit, delete mappings.|`cseManageMappings`|
+|View Workflow|View detection settings, statuses, resolutions, tag schemas.| `cseViewCustomInsightStatuses` |
+|Manage Workflow|Create, edit, delete detection settings, statuses, resolutions, tag schemas.| `cseManageCustomInsightStatuses` |
+|View Context Actions|View [Context Actions](/docs/cse/administration/create-cse-context-actions).|`cseViewContextActions`|
+|Manage Context Actions|Create, edit, delete Context Actions.|`cseManageContextActions`|
+|View Actions|View [Actions](/docs/cse/administration/create-cse-actions).|`cseViewActions`|
+|Manage Actions|Create, edit, delete Actions.|`cseManageActions`|
+|View Enrichments|View [enrichments](/docs/cse/integrations/enrichments-and-indicators).|`cseViewEnrichments`|
+|Manage Enrichments|Upload enrichment data via API.|`cseManageEnrichments`|
+|View Custom Entity Types|View [custom entity types](/docs/cse/records-signals-entities-insights/create-custom-entity-type).|`cseViewCustomEntityType`|
+|Manage Custom Entity Types|Create, edit, delete custom entity types.|`cseManageCustomEntityType`|
+|View Entity|View [Entities](/docs/cse/records-signals-entities-insights/view-manage-entities).|`cseViewEntity`|
+|Manage Entity|Create, edit, delete entities.|`cseManageEntity`|
+|View Entity Normalization|View Domain Normalization settings.|`cseViewEntityConfiguration`|
+|Manage Entity Normalization|Update Domain Normalization settings.|`cseManageEntityConfiguration`|
+|View Entity Criticality|View [Entity Criticalities](/docs/cse/records-signals-entities-insights/entity-criticality).|`cseViewEntityCriticality`|
+|Manage Entity Criticality|Create, edit, delete entity criticalities.|`cseManageEntityCriticality`|
+|View Tag Schemas|View [tag schemas](/docs/cse/administration/create-a-custom-tag-schema).|`cseViewTagSchemas`|
+|Manage Tag Schemas|Create, edit, delete tag schemas.|`cseManageTagSchemas`|
+|Manage Favorite Fields|Add/remove favorite fields in Records UI.|`cseManageFavoriteFields`|
+|View Entity Groups|View [Entity Groups](/docs/cse/records-signals-entities-insights/create-an-entity-group).|`cseViewEntityGroups`|
+|Manage Entity Groups|Create, edit, delete entity groups.|`cseManageEntityGroups`|
+|View Automations|View [automations](/docs/cse/automation/automations-in-cloud-siem/).|`cseViewAutomations`|
+|Manage Automations|Create, edit, delete automations.|`cseManageAutomations`|
+|Execute Automations|Run automations.|`cseExecuteAutomations`|
diff --git a/docs/reuse/api-create-role.md b/docs/reuse/api-create-role.md
new file mode 100644
index 0000000000..33fc9d38dc
--- /dev/null
+++ b/docs/reuse/api-create-role.md
@@ -0,0 +1 @@
+Value in `capabilities` parameter of [createRoleV2 API](https://api.sumologic.com/docs/#operation/createRoleV2)
\ No newline at end of file