Role Based Access Control

Configuring Role Based Access Control

RunReveal supports Role Based Access Control for subjects accessing resources in your workspace.

We have configured a set of default roles to simplify the management of permissions assignment to users through those roles.

Each resource has 3 permissions defined: Read, Edit and Delete. Read allows read-only access to the class of resources including listing the instances of that resource. Edit allows for creation and updating that resources attributes and metadata. Deletion is required to remove a resource record from the database.

The following roles have been defined for workspaces: admin, analyst, and cibot. Below you will see their permissions enumerated.

Read SourcesRead and List Source Configs
Edit SourcesCreate and Update Source Configs
Delete SourcesDelete Source Configs
Read DestinationsRead and List Destination Configs
Edit DestinationsCreate and Update Destination Configs
Delete DestinationsDelete Destination Configs
Read QueriesRead and List Named Queries and Detections
Edit QueriesCreate and Edit Named Queries and Detections
Delete QueriesDelete Named Queries and Detections
Read ReportsRead and List Reports
Edit ReportsCreate and Update Report Configs
Delete ReportsDelete Report Configs
Read AnalyticsRead and List Analytics Views
Edit AnalyticsCreate and Update Analytics Configs
Delete AnalyticsDelete Analytics Configs
Read NotificationsRead and List Notification Channels
Edit NotificationsCreate and Update Notification Channels
Delete NotificationsDelete Notification Channels