User Management
This page explains how to setup and manage users within Secberus.
User management overview
Secberus allows you to invite team members to view and contribute to organizations in your account. Using the role-based access control (RBAC) method of regulating access, users are assigned roles within an organization to grant only the amount of access needed to perform their jobs. (See managing user access for more information.)
For customers that need to provide a more granular level of access, Secberus includes the ability to create custom roles via access policies, utilizing the attribute-based access control (ABAC) method.
Creating a user
To create a user, first navigate to the Secberus Admin by clicking Manage account in the Organization Select Menu.
Then select the Users item in the sidebar.
Click the + New user button to bring up the setup screen.
Include the new user's first name, family or last name, and email address.
Then select the access level for the new user. If Limited access is selected, the user will need to be assigned a role(s) in order to access one or more organizations.
Selecting All access will assign the Account owner role to the user, giving them unrestricted access to all organizations within the account.
To complete the new user setup, hit Create.
The user will receive an email with instructions to sign into their account. They will be able to view/manage organizations based on the roles they are assigned.
Note
Only users with the role account owner, can create, edit, and remove users. By default, your Secberus account will be set up with one organization and one user that has the role of account owner. There can be multiple users with the account owner role within a Secberus account.
Managing user access
To manage the access permissions for a user, navigate to the user settings page by navigating to the Secberus Admin and selecting the Users item.
Click on the user you would like to manage access for.
Choose the Organizations the user should have access to, and then select the Roles the user should have for those specific organizations. See Predefined roles for a detailed list of access roles and permissions, or you can create custom roles.
Predefined roles
The following roles are available for organization access.
Features | Viewer | Contributor | Administrator | Account owner |
---|---|---|---|---|
Dashboards | ||||
View violations, compliance, and overview dashboards | x | x | x | x |
Data Explorer | ||||
View and execute queries | x | x | x | x |
Create, edit, and delete queries | x | x | x | |
View tables | x | x | x | x |
Create, edit, and delete views | x | x | x | |
List views | x | x | x | x |
Data sources | ||||
View data sources | x | x | x | x |
Create, edit, and delete data sources | x | x | ||
Policies | ||||
View policy details | x | x | x | x |
Create, edit, and delete policies | x | x | x | |
View, create, edit, and delete policy exceptions | x | x | x | |
View, create, edit, and delete policy categories | x | x | ||
Frameworks | ||||
Enable/disable policy frameworks | x | x | ||
View, create, edit and delete custom frameworks | x | |||
Violations | ||||
View violations | x | x | x | x |
Mark violations as exceptions | x | x | x | |
Workflows | ||||
View workflows | x | x | x | x |
Create, edit, and delete workflows | x | x | ||
Integrations | ||||
View integrations | x | x | x | x |
Create, edit, and delete integrations | x | x | ||
Reports | ||||
View reports | x | x | x | x |
Create, edit, and delete reports | x | x | ||
Activity log | ||||
View activity log | x | |||
Organizations and User management | ||||
View, create, edit, and delete organizations | x | |||
Create, edit, and delete users | x | |||
Manage user access | x | x | ||
Enable SSO | x |
Updated 2 months ago