Role-Based Access Control in an Organization

Security Cloud Control supports role-based access control (RBAC) to automate access management across the organization. A role defines the level of user access to functions within a product. With Security Cloud Control, you can centralize the management of user roles within an organization, allowing organization users to switch seamlessly between products without the need to log in repeatedly.

As an organization administrator, you can define applicable user roles for a product and assign one or more roles to each user. You can organize user accounts into manageable units called groups, which let you assign roles to multiple users simultaneously. Each group can be assigned one or more roles and the members of the group inherit those roles.

The Security Cloud Control user interface offers separate pages to manage administrators, admin groups, and admin roles.

This document uses the term "users" to refer to the administrators who are the users of Security Cloud Control.

On the Administrators page, you can…	On the Admin groups page, you can…	On the Admin roles page, you can…
Create users Assign roles to users Add users to groups Edit the name of a user Disable a user account Restore a user account View the list of users Search for a user based on the name, type, or status User accounts are segregated based on their status: Current accounts–This filter displays all active users. Pending invitations–This filter displays all users that are invited and whose activations are pending. Disabled accounts–This filter displays all those users whose accounts are disabled.	Create a group and add users to the group Edit a group name Add or remove users from a group Assign roles to a group Delete a group View the list of groups that are created for the organization	View the list of roles that are associated with a product Assign roles to users and groups Edit or remove roles that are assigned to users or groups

On the Administrators page, you can…

On the Admin groups page, you can…

On the Admin roles page, you can…

Create users
Assign roles to users
Add users to groups
Edit the name of a user
Disable a user account
Restore a user account
View the list of users
Search for a user based on the name, type, or status

User accounts are segregated based on their status:

Current accounts–This filter displays all active users.
Pending invitations–This filter displays all users that are invited and whose activations are pending.
Disabled accounts–This filter displays all those users whose accounts are disabled.

Create a group and add users to the group
Edit a group name
Add or remove users from a group
Assign roles to a group
Delete a group
View the list of groups that are created for the organization

View the list of roles that are associated with a product
Assign roles to users and groups
Edit or remove roles that are assigned to users or groups

Previous topic Managing Role-Based Access Control Next topic Managing Users