diff --git a/apps/wallet/src/configs/permissions.config.ts b/apps/wallet/src/configs/permissions.config.ts
index 29aefd2b1..7a33ca96e 100644
--- a/apps/wallet/src/configs/permissions.config.ts
+++ b/apps/wallet/src/configs/permissions.config.ts
@@ -13,6 +13,7 @@ import {
   isResourceActionContained,
   isSystemResourceActionContained,
   isUserResourceActionContained,
+  isExternalCanisterActionContained,
 } from '~/utils/permissions.utils';
 import { variantIs } from '~/utils/helper.utils';
 
@@ -308,6 +309,51 @@ export const globalPermissions = (): AggregatedResoucePermissions[] => [
         return isRequestResourceActionContained(specifier.Request, resource.Request);
       }
 
+      return false;
+    },
+  },
+  {
+    resourceType: ResourceTypeEnum.ExternalCanister,
+    resources: [
+      {
+        action: ResourceActionEnum.List,
+        resource: { ExternalCanister: { List: null } },
+        allow: defaultAllowLevels(),
+        canEdit: false,
+      },
+      {
+        action: ResourceActionEnum.Create,
+        resource: { ExternalCanister: { Create: null } },
+        allow: defaultAllowLevels(),
+        canEdit: false,
+      },
+      {
+        action: ResourceActionEnum.Read,
+        resource: { ExternalCanister: { Read: { Any: null } } },
+        allow: defaultAllowLevels(),
+        canEdit: false,
+      },
+      {
+        action: ResourceActionEnum.Change,
+        resource: { ExternalCanister: { Change: { Any: null } } },
+        allow: defaultAllowLevels(),
+        canEdit: false,
+      },
+      {
+        action: ResourceActionEnum.Fund,
+        resource: { ExternalCanister: { Fund: { Any: null } } },
+        allow: defaultAllowLevels(),
+        canEdit: false,
+      },
+    ],
+    match(specifier: Resource, resource: Resource): boolean {
+      if (variantIs(specifier, 'ExternalCanister') && variantIs(resource, 'ExternalCanister')) {
+        return isExternalCanisterActionContained(
+          specifier.ExternalCanister,
+          resource.ExternalCanister,
+        );
+      }
+
       return false;
     },
   },
diff --git a/apps/wallet/src/locales/en.locale.ts b/apps/wallet/src/locales/en.locale.ts
index d99a17858..5fb34b46f 100644
--- a/apps/wallet/src/locales/en.locale.ts
+++ b/apps/wallet/src/locales/en.locale.ts
@@ -735,6 +735,7 @@ export default {
       request: 'Request',
       addressbook: 'Address Book',
       managesysteminfo: 'Manage System Info',
+      externalcanister: 'External Canister',
     },
     actions: {
       list: 'List',
@@ -749,6 +750,8 @@ export default {
       systeminfoconfig: 'Configuration (Upgrades, Metrics, Usage)',
       managesysteminfo: 'Manage System Info (e.g. name)',
       systemupgrade: 'Upgrade',
+      change: 'Change',
+      fund: 'Fund',
     },
     allow: {
       public: 'Anyone',
diff --git a/apps/wallet/src/locales/fr.locale.ts b/apps/wallet/src/locales/fr.locale.ts
index 004a31c6d..656028f29 100644
--- a/apps/wallet/src/locales/fr.locale.ts
+++ b/apps/wallet/src/locales/fr.locale.ts
@@ -745,6 +745,7 @@ export default {
       request: 'Demande',
       addressbook: "Carnet d'Adresses",
       managesysteminfo: 'Gérer les informations système',
+      externalcanister: 'Canister Géré',
     },
     actions: {
       list: 'Lister',
@@ -759,6 +760,8 @@ export default {
       systeminfoconfig: 'Configuration (Mises à jour, Métriques, Utilisation)',
       managesysteminfo: 'Gérer les informations système (par exemple. nom)',
       systemupgrade: 'Mise à jour du système',
+      change: 'Changement',
+      fund: 'Financer',
     },
     allow: {
       public: "N'importe qui",
diff --git a/apps/wallet/src/locales/pt.locale.ts b/apps/wallet/src/locales/pt.locale.ts
index 5547ce452..dc75ab3c0 100644
--- a/apps/wallet/src/locales/pt.locale.ts
+++ b/apps/wallet/src/locales/pt.locale.ts
@@ -742,6 +742,7 @@ export default {
       request: 'Pedido',
       addressbook: 'Livro de endereços',
       managesysteminfo: 'Gerir informações do sistema',
+      externalcanister: 'Canister gerenciado',
     },
     actions: {
       list: 'Listar',
@@ -756,6 +757,8 @@ export default {
       systeminfoconfig: 'Configuração (Atualizações, Métricas, Uso)',
       managesysteminfo: 'Gerir Informações do Sistema (e.g. nome)',
       systemupgrade: 'Atualizar o sistema',
+      change: 'Alterar',
+      fund: 'Financiar',
     },
     allow: {
       public: 'Acesso público',
diff --git a/apps/wallet/src/types/permissions.types.ts b/apps/wallet/src/types/permissions.types.ts
index bb5979edc..ef6eded9f 100644
--- a/apps/wallet/src/types/permissions.types.ts
+++ b/apps/wallet/src/types/permissions.types.ts
@@ -20,6 +20,8 @@ export enum ResourceActionEnum {
   Create = 'Create',
   Read = 'Read',
   Update = 'Update',
+  Change = 'Change',
+  Fund = 'Fund',
   Delete = 'Delete',
   Transfer = 'Transfer',
   SystemInfoConfig = 'SystemInfoConfig',
diff --git a/apps/wallet/src/utils/permissions.utils.ts b/apps/wallet/src/utils/permissions.utils.ts
index d86eb9d05..887c79f0d 100644
--- a/apps/wallet/src/utils/permissions.utils.ts
+++ b/apps/wallet/src/utils/permissions.utils.ts
@@ -1,6 +1,8 @@
 import {
-  PermissionResourceAction,
   AccountResourceAction,
+  ExternalCanisterId,
+  ExternalCanisterResourceAction,
+  PermissionResourceAction,
   RequestResourceAction,
   ResourceAction,
   ResourceId,
@@ -24,6 +26,21 @@ export const isResourceIdContained = (a: ResourceId, b: ResourceId) => {
   return variantIs(a, 'Any') && variantIs(b, 'Any');
 };
 
+/**
+ * Checks if `a` is contained in `b`
+ *
+ * @param a Specifier to check if it is contained in b
+ * @param b Specifier to check if it contains a
+ * @returns true if a is contained in b
+ */
+export const isExternalCanisterIdContained = (a: ExternalCanisterId, b: ExternalCanisterId) => {
+  if (variantIs(a, 'Canister') && variantIs(b, 'Canister')) {
+    return a.Canister === b.Canister;
+  }
+
+  return variantIs(a, 'Any') && variantIs(b, 'Any');
+};
+
 /**
  * Checks if `a` is contained in `b`
  *
@@ -113,6 +130,33 @@ export const isUserResourceActionContained = (a: UserResourceAction, b: UserReso
   return false;
 };
 
+export const isExternalCanisterActionContained = (
+  a: ExternalCanisterResourceAction,
+  b: ExternalCanisterResourceAction,
+) => {
+  if (variantIs(a, 'List') && variantIs(b, 'List')) {
+    return true;
+  }
+
+  if (variantIs(a, 'Create') && variantIs(b, 'Create')) {
+    return true;
+  }
+
+  if (variantIs(a, 'Read') && variantIs(b, 'Read')) {
+    return isExternalCanisterIdContained(a.Read, b.Read);
+  }
+
+  if (variantIs(a, 'Change') && variantIs(b, 'Change')) {
+    return isExternalCanisterIdContained(a.Change, b.Change);
+  }
+
+  if (variantIs(a, 'Fund') && variantIs(b, 'Fund')) {
+    return isExternalCanisterIdContained(a.Fund, b.Fund);
+  }
+
+  return false;
+};
+
 export const isAccountResourceActionContained = (
   a: AccountResourceAction,
   b: AccountResourceAction,