Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

CB Defense: Can Default RBAC Roles be Edited or Deleted?

CB Defense: Can Default RBAC Roles be Edited or Deleted?

Environment

  • CB Defense PSC Console: March '19 Release and later (0.45)

Question

Now that customization of RBAC roles is available, can the default roles be edited or deleted?

Answer

No, the default roles cannot be edited or deleted

Additional Notes

  • The default roles are static templates
  • There is no security risk in roles existing with all permissions granted because role permissions are hierarchical
  • The hierarchical nature of role permissions prevent any user from assigning permissions to a role that are not assigned to their own role
  • For example, a User that is assigned permission to Manage Roles and Users but not Connectors cannot assign permission to manage Connectors

Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎03-22-2019
Views:
445
Contributors