Managing Users and Roles

How RBAC Works

The way you control access to resources using RBAC is to create role assignments. This is a key concept to understand – it’s how permissions are enforced.

A role assignment consists of three elements:

  • Security Principal

  • Role Definition

  • Scope

Role-Based Access Control

Security principal

A security principal is an object that represents a user, group, or service principal that is requesting access to NowSecure AUTO resources.

Role Definitions

  • Admin - System-wide privileges, including ability to invite users and assign privileges to others.

  • Analyst - Security functions, including ability to edit reports, edit assessments and view all apps.

  • Customer - Read-only access to specified reports.

  • Developer - Access to team apps and findings without editing capabilities.

  • Exec - Access to team apps and findings without editing capabilities.

  • QA - View apps, assessments, users and reports.

Scope

Scope is the boundary that the access applies to. When you assign a role, you can further limit the actions allowed by defining a scope. This is helpful if you want to make someone a Website Contributor, but only for one resource group.

Role assignment

A role assignment is the process of binding a role definition to a user, group, or service principal at a particular scope for the purpose of granting access. Access is granted by creating a role assignment, and access is revoked by removing a role assignment.
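The three-element model above, written out as an added example (this is not NowSecure's code or API). The permission names, the use of a group name as the scope, and the sample principals are assumptions made for illustration.

```python
from dataclasses import dataclass

# Permission names are assumptions derived from the role descriptions above.
ROLE_PERMISSIONS = {
    "Analyst": {"edit_reports", "edit_assessments", "view_apps"},
    "Customer": {"view_reports"},
    "Developer": {"view_apps", "view_findings"},
    "Exec": {"view_apps", "view_findings"},
    "QA": {"view_apps", "view_assessments", "view_users", "view_reports"},
}
# Admin is system-wide: every modeled permission plus user management.
ROLE_PERMISSIONS["Admin"] = set().union(*ROLE_PERMISSIONS.values()) | {
    "invite_users", "assign_roles"}

SYSTEM_WIDE = "*"  # assumed scope value meaning "all groups"

@dataclass(frozen=True)
class RoleAssignment:
    principal: str   # user, group, or service principal
    role: str        # key of ROLE_PERMISSIONS
    scope: str       # SYSTEM_WIDE or a group name (assumed scope model)

class AccessControl:
    def __init__(self):
        self.assignments = set()

    def assign(self, principal, role, scope):
        if role not in ROLE_PERMISSIONS:
            raise ValueError(f"unknown role: {role}")
        assignment = RoleAssignment(principal, role, scope)
        self.assignments.add(assignment)
        return assignment

    def revoke(self, assignment):
        self.assignments.discard(assignment)

    def is_allowed(self, principal, permission, group):
        # Default deny: access exists only while a matching assignment exists.
        return any(
            a.principal == principal
            and a.scope in (SYSTEM_WIDE, group)
            and permission in ROLE_PERMISSIONS[a.role]
            for a in self.assignments
        )

if __name__ == "__main__":
    ac = AccessControl()
    dev = ac.assign("dana@example.com", "Developer", "mobile-team")  # constructed data
    print(ac.is_allowed("dana@example.com", "view_findings", "mobile-team"))
    print(ac.is_allowed("dana@example.com", "view_findings", "web-team"))
    ac.revoke(dev)
    print(ac.is_allowed("dana@example.com", "view_findings", "mobile-team"))
```

Because the check is default-deny, removing the assignment is all it takes to revoke access; there is no separate "deny" record to maintain.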

Edit User Role and Groups

  • To edit a user’s role and/or group, hover over the tooltip in the Actions column for a specific user and click the Edit Groups & Roles text link.

  • Select a Role to assign the user from the Role dropdown menu and click the Save button.

  • Select a Group and/or multiple Groups to assign the user from the Groups dropdown menu and click the Save button.


Deactivate or Reactivate User Account

  • To Deactivate a User account, hover over the tooltip in the Actions column for a specific user and click the Deactivate text link.

  • Click the Confirm button in the popup modal.

  • The user’s account status is set to Inactive in the user list and the user will no longer have access to NowSecure AUTO. The user will need to contact their Administrator to Reactivate their account.

  • To Reactivate a User account, hover over the tooltip in the Actions column for a specific user and click the Reactivate text link.

  • Click the Confirm button in the popup modal.

  • The user’s account status is set to Active in the user list and the user will have access to NowSecure AUTO.
