Skip to main content

User Guide

Managing Roles

Privitar supports a range of User and API User actions such as Environment configuration, Policy definition and running of Jobs.

These actions are subject to Role-based access control and can be assigned on a per-Team basis. Roles define the actions that a User or API User is able to take in a given Team. That is, control the permissions of Users and API Users in a Team. While Privitar is installed with default Roles, these can be customized and new Roles, that is new combinations of permissions for specific actions, can be defined.

Note

All Users within a Team, that is all Team members, will be able to view all of the basic Privitar configuration objects (including Schemas, Policies, Rules, Jobs, Protected Data Domains) for that Team, independently of their Roles. And similarly, all API users within a Team will be able to read (GET) all basic Privitar configuration objects for that Team, independently of their Roles.

For a description of the default Roles that are supplied in Privitar, see Default Roles.

Creating or Editing a Role

To create or edit a Role:

  1. Select Roles from the Superuser navigation sidebar.

  2. Click on Create New Role to add a new Role (or click on the name of an existing role in the Name column to edit a Role).

    The Role dialog box is displayed showing all the permissions that are available (or have been assigned). For a new role:

    UUID-85e5a00a-c1c8-63f6-07ec-b3abbb8cda8f.png

  3. Assign a unique name to identify the new Role.

  4. Check (or uncheck) the specific permissions that you would like to attribute to this Role. For more information about the permissions, see Role Permissions.

Assigning Roles to Users

To assign Roles to Users in a given Team, see Managing Teams.

Deleting a Role

To delete a Role:

  1. Select Roles from the SuperUser navigation sidebar.

  2. Click on the Selector button alongside the name of the Role you wish to delete.

  3. Select Delete from the Actions list box.

  4. Click on OK to confirm the deletion of the Role.

Note

This action is irreversible and Users that previously had this Role and the associated Permissions will cease to have these permissions after the Role has been deleted.

In this section: