Couchbase Server version 7.0 enhances its role-based access control (RBAC) system by introducing several new administrative roles and refining existing ones to improve security and operational efficiency. The Security Admin role has been split into Local User Security Admin and External User Security Admin, allowing more precise management of user permissions within and outside the cluster. Additionally, two new Full Admin roles—Eventing Full Admin and Backup Full Admin—are introduced for specific cluster-wide operations without altering security settings. The update also includes eight new roles for managing and executing SQL++ Query User-Defined Functions (N1QL UDFs), enabling administrators to apply the principle of least privilege by granting specific permissions at the scope or global level. Two operational roles, Manage Scopes and External Stats Reader, have been added to further enhance control over scopes and access to stats endpoints. These changes are part of Couchbase's ongoing effort to bolster security and streamline database management through more granular access controls.