About the Master Admin role
Trust Protection Platform includes a default administrator role called Master Admin. This role includes access rights to every object available in the system, including certificates, keys, identities and permissions.
When you first install Trust Protection Platform, the master admin role is assigned to the default administrator account (admin) by default.
You can assign the master admin role to individual users or groups. Because this role can be assigned to a group, users can be managed in this group automatically through an external identity provider, such as LDAP or Active Directory.
You can quickly see which users have the master admin role in the Identity inventory. See Managing system role assignments in Venafi Configuration Console.
WARNING! Use the Master Admin role with extreme caution. Users to whom you assign the Master Admin role have full permissions to every object in the Trust Protection Platform database, including certificates, private keys, and credentials. You cannot hide any objects in the system from users who have been given this role.