> ## Documentation Index > Fetch the complete documentation index at: https://docs.controlplane.com/llms.txt > Use this file to discover all available pages before exploring further. # Security > Workload security permissions, access control policies, and configuration options for managing workload resources and operations. ## Permissions The permissions below are used to define [policies](/reference/policy) together with one or more of the four [principal types](/concepts/access-control): | Permission | Description | Implies | | :------------------- | :--------------------------------------------- | :---------------------------------------------------------------------- | | connect | Connect to replica (open an interactive shell) | | | create | Create new workloads | | | delete | Delete existing workloads | | | edit | Modify existing workloads | view | | exec | Execute commands | exec.runCronWorkload | | exec.runCronWorkload | Force a cron-workload to run | | | manage | Full access | connect, create, delete, edit, exec, exec.runCronWorkload, manage, view | | view | Read-only access | | ## Security Options Settings to control the security of the container at runtime. ### filesystemGroupId Any mounted [Volumes](#volumes) for this container will be owned by the group id provided. When not specified `0` (root) is used. ```yaml YAML theme={null} spec: securityOptions: filesystemGroupId: 777 ``` ### runAsUser Any processes running inside the container will run as the user id provided. When not specified, the default user id for the container image is used. ```yaml YAML theme={null} spec: securityOptions: runAsUser: 1000 ```