The way you control access to resources using RBAC is to create role assignments. This is a key concept to understand – it’s how permissions are enforced.
A security principal is an object that represents a user, group, or service principal that is requesting access to NowSecure AUTO resources.
Admin - System-wide privileges, including the ability to invite users and assign privileges to others.
Analyst - Security functions, including the ability to edit reports, edit assessments and view all apps.
Customer - Read-only access to specified reports.
Developer - Access to team apps and findings without editing capabilities.
Exec - Access to team apps and findings without editing capabilities.
QA - View apps, assessments, users and reports.
Scope is the boundary that the access applies to. When you assign a role, you can further limit the actions allowed by defining a scope. This is helpful if you want to make someone a Website Contributor, but only for one resource group.
A role assignment is the process of binding a role definition to a user, group, or service principal at a particular scope for the purpose of granting access. Access is granted by creating a role assignment, and access is revoked by removing a role assignment.
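The model described above (security principal, role, scope, role assignment) as a small default-deny access check. This is an added example, not NowSecure code or its API: the role names come from the list above, while the permission strings, the path-style scope format and the principal identifiers are assumptions made for illustration.

```python
from dataclasses import dataclass

# Role names are from the page; the permission strings are constructed here.
ROLE_PERMISSIONS = {
    "Admin": {"*"},
    "Analyst": {"reports:edit", "assessments:edit", "apps:view"},
    "Customer": {"reports:view"},
    "Developer": {"apps:view", "findings:view"},
    "Exec": {"apps:view", "findings:view"},
    "QA": {"apps:view", "assessments:view", "users:view", "reports:view"},
}

@dataclass(frozen=True)
class RoleAssignment:
    principal: str  # user, group, or service principal
    role: str
    scope: str      # hypothetical path-style scope, e.g. "/teams/mobile"

def in_scope(scope, resource):
    """True when resource is the scope itself or sits beneath it."""
    scope = scope.rstrip("/")
    # Match on path-segment boundaries so "/teams/mobile" does not
    # also cover "/teams/mobile-web".
    return resource == scope or resource.startswith(scope + "/")

class AccessControl:
    def __init__(self):
        self.assignments = set()

    def assign(self, principal, role, scope):
        """Grant access by creating a role assignment."""
        if role not in ROLE_PERMISSIONS:
            raise ValueError(f"unknown role: {role}")
        self.assignments.add(RoleAssignment(principal, role, scope))

    def revoke(self, principal, role, scope):
        """Revoke access by removing the role assignment."""
        self.assignments.discard(RoleAssignment(principal, role, scope))

    def is_allowed(self, principals, action, resource):
        """Default deny: allow only if an assignment grants the action in scope."""
        for a in self.assignments:
            perms = ROLE_PERMISSIONS[a.role]
            if (a.principal in principals and in_scope(a.scope, resource)
                    and ("*" in perms or action in perms)):
                return True
        return False
```

Pass `is_allowed` the user's own identifier together with the groups the user belongs to, so that an assignment made to a group applies to its members.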