Expanding DigitalOcean’s Role-Based Access Controls with custom roles

Expanding DigitalOcean’s Role-Based Access Controls with custom roles What are custom roles? Key features of custom roles When to use custom roles vs. predefined roles How custom roles benefit your team Resources to get started About the author Try DigitalOcean for free Related Articles Announcing OpenAI gpt-oss Models on the DigitalOcean Gradient™ AI Platform Build smarter AI agents: new tools now available for the DigitalOcean Gradient™ AI Platform Introducing GPU Droplets accelerated by NVIDIA HGX H200 By Nicole Ghalwash Published: June 30, 2025 4 min read Today, we are excited to announce our latest Role-Based Access Control (RBAC) feature, custom roles. With custom roles, teams can now assign permissions to individuals that are precisely aligned with their operational and security requirements, reinforcing the principle of least privilege. This allows for more precise permission management, which helps to enhance overall infrastructure security by reducing the risk of over-privileged accounts. Custom roles give you full control over who can do what on your projects, improving the overall security of your cloud resources. In this blog post, we will walk through what custom roles are, how they work, key features, when to use them, and how they can help your team. Custom roles are user-defined sets of permissions that allow organizations to tailor access control to their specific needs, beyond what’s available in predefined roles. In other words, custom roles let you create your own set of permissions instead of relying only on default, predefined roles (like Viewer, Billing Viewer, etc. ) that may not work for you. Now, users can define more detailed custom permissions that target specific resources and needs. For example, a user may only need read access to Droplets, but write access to Kubernetes. Hear what a DigitalOcean customer had to say about using custom roles.