Knowledge Base

Yes

Environment

CB Defense PSC Console: March '19 Release and later (0.45)

Question

Is it possible to prevent PSC Console users with Manage Roles and Manage Users permissions from creating or assigning a customized RBAC role that is assigned all permissions?

Answer

Yes. Because RBAC permissions are hierarchical in nature, users cannot assign or create roles that include permissions they do not have themselves
For example, a User that is assigned permission to Manage Roles and Users but not Connectors cannot assign permission to manage Connectors
That same User would also not be able to assign roles that include permission to manage Connectors

Knowledge Base

CB Defense: Is it Possible to Prevent Users From Creating or Assigning RBAC Roles With All Permissions?

CB Defense: Is it Possible to Prevent Users From Creating or Assigning RBAC Roles With All Permissions?

Environment

Question

Answer

Related Content

Carbon Black Cloud

Endpoint Standard

Knowledge Base

CB Defense: Is it Possible to Prevent Users From Creating or Assigning RBAC Roles With All Permissions?

CB Defense: Is it Possible to Prevent Users From Creating or Assigning RBAC Roles With All Permissions?

Environment

Question

Answer

Related Content

Carbon Black Cloud

Endpoint Standard

Thank you for your feedback.

Thank you for your feedback.