[Yandex Cloud documentation](../../index.md) > [Yandex Serverless Integrations](../index.md) > [Access management](index.md) > EventRouter roles

# Service roles for EventRouter

With [EventRouter](../concepts/index.md#eventrouter) service roles, you can manage user access to EventRouter resources: [buses](../concepts/eventrouter/bus.md), [connectors](../concepts/eventrouter/connector.md), and [rules](../concepts/eventrouter/rule.md).

```mermaid
flowchart BT
    serverless.eventrouter.editor --> serverless.eventrouter.admin
    serverless.eventrouter.viewer --> serverless.eventrouter.editor
    serverless.eventrouter.supplier --> serverless.eventrouter.editor
    serverless.eventrouter.auditor --> serverless.eventrouter.viewer
```

#### serverless.eventrouter.auditor {#serverless-eventrouter-auditor}

The `serverless.eventrouter.auditor` role enables viewing info on [buses](../concepts/eventrouter/rule.md), [connectors](../concepts/eventrouter/rule.md), and [rules](../concepts/eventrouter/rule.md), as well as [access permissions](../concepts/eventrouter/rule.md) granted for them.

#### serverless.eventrouter.viewer {#serverless-eventrouter-viewer}

The `serverless.eventrouter.viewer` role enables viewing info on [buses](../concepts/eventrouter/connector.md), [connectors](../concepts/eventrouter/connector.md), and [rules](../concepts/eventrouter/connector.md), as well as [access permissions](../concepts/eventrouter/connector.md) granted for them.

This role includes the `serverless.eventrouter.auditor` permissions.

#### serverless.eventrouter.supplier {#serverless-eventrouter-supplier}

The `serverless.eventrouter.supplier` enables sending user events to buses and transmitting audit events.

Users with this role can:
* Send user events to [buses](../concepts/eventrouter/bus.md) using the [EventService/Send](../eventrouter/api-ref/grpc/Event/send.md) gRPC API call.
* Send user events to buses using the [EventService/Put](../eventrouter/api-ref/grpc/Event/put.md) gRPC API call.
* Transmit audit events.

#### serverless.eventrouter.editor {#serverless-eventrouter-editor}

The `serverless.eventrouter.editor` role enables managing buses, connectors, and rules, as well as sending user and audit events to buses.

Users with this role can:
* View info on [buses](../concepts/eventrouter/bus.md) and [access permissions](../../iam/concepts/access-control/index.md) granted for them, as well as create, modify, and delete buses.
* View info on [connectors](../../iam/concepts/access-control/index.md) and access permissions granted for them, as well as create, modify, and delete connectors.
* View info on [rules](../../iam/concepts/access-control/index.md) and access permissions granted for them, as well as create, modify, and delete rules.
* Send user events to buses using the [EventService/Send](../eventrouter/api-ref/grpc/Event/send.md) gRPC API call.
* Send user events to buses using the [EventService/Put](../eventrouter/api-ref/grpc/Event/put.md) gRPC API call.
* Transmit audit events.

This role includes the `serverless.eventrouter.viewer` and `serverless.eventrouter.supplier` permissions.

#### serverless.eventrouter.admin {#serverless-eventrouter-admin}

The `serverless.eventrouter.admin` role enables managing buses, connectors, rules, and access to them, as well as sending user and audit events to buses.

Users with this role can:
* View info on [buses](../concepts/eventrouter/bus.md) as well as create, modify, and delete them.
* View info on [access permissions](../../iam/concepts/access-control/index.md) granted for buses and modify such permissions.
* View info on [connectors](../../iam/concepts/access-control/index.md) as well as create, modify, and delete them.
* View info on access permissions granted for connectors and modify such permissions.
* View info on [rules](../concepts/eventrouter/rule.md) as well as create, modify, and delete them.
* View info on access permissions granted for rules and modify such permissions.
* Send user events to buses using the [EventService/Send](../eventrouter/api-ref/grpc/Event/send.md) gRPC API call.
* Send user events to buses using the [EventService/Put](../eventrouter/api-ref/grpc/Event/put.md) gRPC API call.
* Transmit audit events.
* View info on the EventRouter [quotes](../concepts/limits.md#eventrouter).

This role includes the `serverless.eventrouter.editor` permissions.