# Teams Predefined Roles

Teams come with six predefined roles which cover common use cases for levels of access.

The predefined roles are owner, biller, billing viewer, member, modifier, and resource viewer. Each role has a different set of permissions:

| Role | Shared Resources | Billing Information | Team Settings |
|---|---|---|---|
| **Owner** | 🟢 Full access | 🟢 Full access | 🟢 Full access |
| **Biller** | 🔴 No access | 🟢 Full access | 🔴 No access |
| **Billing Viewer** | 🔴 No access | 🟡 Limited read only | 🔴 No access |
| **Member** | 🟢 Full access | 🔴 No access | 🟡 Read only |
| **Modifier** | 🟡 Full access except delete | 🔴 No access | 🟡 Read only |
| **Resource Viewer** | 🟡 Read only | 🔴 No access | 🟡 Read only |

**Shared resources** include DigitalOcean infrastructure components and some team resources:

- All [DigitalOcean resources](https://docs.digitalocean.com/products/index.html.md), like Droplets, volumes, and managed databases
- The resources on [the **Security** tab of the **Settings** page](https://cloud.digitalocean.com/account/security):

  - [Public SSH keys](https://docs.digitalocean.com/platform/teams/how-to/upload-ssh-keys/index.html.md) uploaded to the team
  - [SSL certificates](https://docs.digitalocean.com/platform/teams/how-to/manage-certificates/index.html.md) uploaded to the team
  - [Security history](https://docs.digitalocean.com/platform/teams/how-to/view-security-history/index.html.md)
- [Referral codes](https://docs.digitalocean.com/platform/teams/how-to/refer-others/index.html.md)
- [API-authorized applications](https://docs.digitalocean.com/reference/index.html.md)
- Support tickets

**Billing information** includes everything on [the **Billing** page tabs](https://cloud.digitalocean.com/account/billing), like payment methods and promos. However, billing viewers cannot view billing settings on [the **Settings** tab](https://cloud.digitalocean.com/account/billing/settings).

**Team settings** includes the settings on [the **Team** tab of the **Settings** page](https://cloud.digitalocean.com/account/team):

- Team membership
- Team roles
- Team name
- [Team contact email](https://docs.digitalocean.com/platform/teams/settings/contact-emails/index.html.md)
- [Secure sign-in](https://docs.digitalocean.com/platform/teams/settings/secure-sign-in/index.html.md)
- Droplet limit

[Personal access tokens](https://docs.digitalocean.com/reference/api/create-personal-access-token/index.html.md) for the API are unique to the people who generated them. The permissions of your team role control the [scopes](https://docs.digitalocean.com/reference/api/create-personal-access-token/index.html.md) available to your API tokens.