When running one of the following command with the cf command line client, you receive an error, "error code: 10003, message: You are not authorized to perform the requested action" or "Server error, status code: 403, error code: access_denied, message: Access is denied".
- to create and modify buildpacks (create-buildpack, update-buildpack, rename-buildpack and delete-buildpack)
- to modify users (create-user, delete-user)
- to create and modify organizations (create-org, delete-org, set-quota, create-quota, delete-quota and update-quota)
- service administration (service-auth-tokens, create-service-auth-token, update-service-auth-token, delete-service-auth-token, service-brokers, create-service-broker, update-service-broker, delete-service-broker, rename-service-broker, migrate-service-instances, purge-service-offering)
- security groups administration (security-group, security-groups, create-security-group, update-security-group, delete-security-group, bind-security-group, unbind-security-group, bind-staging-security-group, staging-security-groups, unbind-staging-security-group, bind-running-security-group, running-security-groups, unbind-running-security-group)
- create or delete shared domains (create-shared-domain, delete-shared-domain)
- enable or disable the use of a feature so that users have access to and can use the feature (feature-flags, feature-flag, enable-feature-flag, disable-feature-flag)
PWS is built on Cloud Foundry and uses the latest CF CLI application. This application supports individual developer actions and cloud wide actions. Those cloud wide or org wide actions are not permitted for PWS subscribers. The commands that are NOT available to PWS users are listed above.
Many of the administration commands that are not allowed using the cf cli application can be performed through the developer console. For example, you can utilize the console to create new orgs, invite users to those orgs and manage user permissions.