logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

CB Defense: Can Default RBAC Roles be Edited or Deleted?

CB Defense: Can Default RBAC Roles be Edited or Deleted?

Environment

  • CB Defense PSC Console: March '19 Release and later (0.45)

Question

Now that customization of RBAC roles is available, can the default roles be edited or deleted?

Answer

No, the default roles cannot be edited or deleted

Additional Notes

  • The default roles are static templates
  • There is no security risk in roles existing with all permissions granted because role permissions are hierarchical
  • The hierarchical nature of role permissions prevent any user from assigning permissions to a role that are not assigned to their own role
  • For example, a User that is assigned permission to Manage Roles and Users but not Connectors cannot assign permission to manage Connectors

Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎03-22-2019
Views:
595
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.