Configuring Roles and Permissions

  • Updated

Permissions give users authorization to use Panaseer features, functionality and dashboards. As with all areas of identity, access and privilege, we recommend following the principle of least privilege, whereby users are only granted access to the functionality they require for their role.

Users are authorized and can authenticate to Panaseer through single sign on (SSO) integrations, with their Groups associated through the organization's usual LDAP process.

Panaseer administrative users can map Permissions to Roles and Roles to Groups via the Access Management interface (refer to Access management overview for more information). Panaseer provides a set of Roles out of the box, but it is possible to create new Roles with given Permissions.

This article assumes that you have the appropriate permissions to view and configure the Access Management interface.

Roles

Panaseer provides a list of Roles out of the box.

Screenshot 2023-07-21 at 15.29.22.png

Clicking on any role in the list enables you to determine the Permissions associated with the Role, the Groups the Role is mapped to, and the Users who are mapped to the Role through their Groups.

Screenshot 2023-07-21 at 15.31.24.png

Permissions

The Permissions tab provides the list of Permissions that provide authorization to features, functionality and dashboards within Panaseer.

Screenshot 2023-07-21 at 15.34.31.png

On choosing a specific Permission you will be able to see:

  • Roles to which the Permission is mapped.
  • Groups that have gained the given Permission through their Roles.
  • Users who inherit the Permission through their Groups.

The toggles on 'Create', 'Read', 'Update' and 'Delete' can be used to give different combinations that reveal different Roles, Groups and users who are mapped as a result.

Screenshot 2023-07-21 at 15.37.02.png

Mapping Roles to Groups

To map a Role to a Group:

  1. From the Groups tab, choose the Group you wish to make the mapping for in the list of Groups.

    Screenshot 2023-07-21 at 15.13.02.png

  2. Click 'Edit Roles' to choose which Roles to map to the Group.

    Screenshot 2023-07-21 at 15.13.20.png

  3. Select the Roles to include and click 'Save' once ready.

    Screenshot 2023-07-21 at 15.13.39.png

This will take you back to the Group view so that you can see the impact of your change.

Mapping Permissions to Roles

Similarly to when mapping Roles to Groups, to map Permissions to Roles:

  1. From the Roles tab, choose the Role you wish to update and click 'Edit Permissions'.

    Screenshot 2023-07-21 at 15.21.15.png

  2. You will see check boxes for every Permission and most have four choices: 'Create', 'Read', 'Update', 'Delete', which provide the user the ability to create only, read only, update only, or delete only, or combinations as required.

    Screenshot 2023-07-21 at 15.21.35.png

Tooltips provide more details on the purpose of the Panaseer Permission.

We recommend that you make Roles specific and granular to the functionality you wish to permission within Panaseer. Build up a user's authorization access capabilities through mapping multiple Roles to the same Group. It is expected that the Groups to Roles relationship is many to many.  

Creating New Roles

To create a new Role:

  1. From the Roles tab, click '+'.

    Screenshot 2023-07-21 at 15.41.40.png

  2. Give the new Role a title and click 'Save Role Info'.

    Screenshot 2023-07-21 at 15.42.38.png

You can follow the guides above to map Permissions to your new Role and the Role to Groups.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.