Roles Management
Roles and permissions control the levels of access to different features in BigPanda.
Comprehensive roles management in BigPanda allows you to easily dictate access to resources. Permissions are separated by functional area and resource type, with the ability to create roles based on environments in BigPanda.
Roles Management
Key Features
- Create and customize roles to restrict the availability of your organization's sensitive content.
- Adjust access to areas and functionality of BigPanda on a per-user basis.
- Organizations using Single Sign-On with Just in Time Provisioning can automatically assign roles to user accounts the first time they sign in to BigPanda.
- Protect your organization's resources by configuring access to specific environments.
- The separation of duties provided by Role-Based Access Control (RBAC) localizes areas of access, providing very clear parameters for each user's responsibilities.
Relevant Permissions
Only users with Full access can grant role permissions for a newly created resource. Add Roles Management with Full Access for access to these permissions.
| Permission Name | Description |
|---|---|
| Roles Management | View, add, edit, and delete BigPanda Roles. |
Access Levels
A user account may have one or more roles, and each role may have one or more permissions associated with it. The same role can be assigned to any number of accounts.
BigPanda provides three default roles: Admin, User, and Viewer (Read Only).
The Admin role includes full access to all areas of BigPanda, including the ability to interact with and make changes to resources. The User role includes view only access to settings screens, and full access to take action on incidents in all environments. The Viewer (Read Only) role provides read-only access to all screens.
These default roles can be duplicated and then customized to adjust the permissions or level of access granted to your organization's BigPanda accounts.
Each permission in BigPanda has two options that dictate the level of access. The two access levels provided by BigPanda permissions are:
- View - Read-only access. The resource cannot be interacted with or edited.
- Full Access - All actions related to the resource can be performed.
Environment permissions can also be configured to control user access and actions in each environment. See Environment Permissions for more information.
For more information about Permission types in BigPanda, see Roles and Resource Permissions.
Create a Role
BigPanda Comprehensive Roles Management allows you to create custom roles that have access to specific sections and actions within BigPanda.
Build roles within your organization using the permissions specific to each individual BigPanda resource.
Create New Role
To create a new role:
- Navigate to Settings > Roles Management.
- Click New Role.
- In the Create New Role window, enter a name in the Role Name field.
- Add permissions to the role using the checkboxes. Permissions are divided by functional area in BigPanda. You can select the View or Full access option for each permission. See Roles and Resource Permissions for more information about each role.
- In the Environment Permissions section, select which environments the role has access to from the Incident Actions Permission and/or View Incidents Permission drop-down. Each role must have access to at least one environment to use BigPanda. See Environment permissions for more information.
- Click Create Role to save the role.
Manage Users
Adding a user to a role provides them with access to all of the permissions configured in the role. Users can be added or removed to a role from within the role details pane.
Add a User to a Role
Add a user
To add a user to a role:
- Select the role you wish to add a user to.
- In the role details pane, select the Users column.
- Click the Add Users button.
- In the Add Users to Role window, select users from the drop down menu, or type the name(s) of users you would like to add.
- Click Add Users to save.
Remove a User
To remove a user from a role:
- Select the role you wish to remove a user from.
- In the role details pane, select the Users column.
- In the list of users, find the user you’d like to remove.
- Click the Remove button.
Manage Roles
Roles can be viewed and managed in BigPanda at Settings > Roles Management. Click any role in the list to view details such as permissions and users associated with the role in the right pane.
You can search the list of roles by entering a term in the field above the list. Or, filter the list by Permission, Environment, or User.
Within the Roles Management screen, you can edit, duplicate, temporarily deactivate, or permanently delete roles.
To manage roles:
- Navigate to Settings > Roles Management. A list of existing roles appears.
- Select the role you wish to edit, duplicate, or delete.
- Use any of the following options to modify the role:
| Option | Description |
|---|---|
| Edit | a. Click Edit Role. b. In the Edit Role window, modify the role according to your needs. c. Click Update Role to save. |
| Duplicate | a. Click the Duplicate button. b. In the Duplicate Role window, adjust the role settings and permissions as needed. c. Click Create Role to save. |
| Delete | a. Click the Trash icon. b. Click Delete to confirm, or Cancel to return to the previous page. |
Roles and Resource Permissions
Access to resources can be limited or expanded using the View and Full Access permission access levels. See Access Levels for more information.
Permissions in BigPanda are sorted into three categories based on common BigPanda user types:
Account Administrator
| Permission Name | resource_type | Access Level |
|---|---|---|
| API Keys | apiKeys | View, edit, and create API Keys in BigPanda Settings. |
| Audit Logs | auditLogs | View the Audit Log in BigPanda Settings and the Audit Lot API. |
| Roles Management | roles | View, add, edit, and delete BigPanda Roles in the UI and Roles API. |
| Sharing Quotas | quotas | View and edit Sharing Rate Limitations in BigPanda Settings. |
| Single Sign-On | sso | View, select, and configure a Single Sign-on provider in BigPanda Settings. |
| User Management | users | View, add, edit and delete Users in BigPanda Settings and the SCIM Users API. |
Tool Architect
| Permission Name | resource_type | Access Level |
|---|---|---|
| Alert Correlation | correlations | View, edit, and create new Correlation Patterns in BigPanda Settings and API. |
| Alert Enrichment | enrichments | View and use the Alert Enrichments UI and API. |
| Alert Filtering & Planned Maintenance | plans | View, create, edit, and delete Maintenance Plans and Alert Filters in BigPanda Settings, and use the Plans V1 API. |
| Alert View Customization | alertView | View, create, and edit Alert Views in BigPanda Settings. |
| AutoShare | notifications | View, add, edit, and delete AutoShare Rules in the BigPanda Settings. |
| Incident Enrichment | incidentsTagsDefinitions | View, create, and edit Incident Tags in BigPanda Settings. |
| Integrations | integrations | View, install, and edit Integrations in the Integrations tab. |
| Manage Environments | environments | View, create, edit, and delete Environments in the UI and API, and view the incidents environments contain. See Environment Permissions for more information. |
| Mapping Enrichment (API Only) | enrichmentsJobs | Use the Mapping Enrichment API. |
| Schedules (API Only) | schedules | View and use the Alert Filter Schedules API to define the specific start and end times of Plans configured with the Plans V1 API. |
| Unified Analytics | analytics | View, edit, and create new dashboards in Analytics and assign the Dashboard Designer role. |
Incident Operator
| Permission Name | resource_type | Access Level |
|---|---|---|
| Dashboards | dashboards | View, customize, and interact with BigPanda Dashboards. |
| Root-Cause Changes | changes | View the Related Changes section within the incident details and mark changes as Suspect or Match. |
| Topology View | topology | View, upload, or edit topology maps via API, and view the Topology section in incident details. |
| Unified Search | search | Access Unified Search. |
Environment Permissions
Environment Permissions in BigPanda allows you to manage access to specific environments. To provide access to manage (create, delete, edit) all environments, assign the Environments permission with the Full Access level.
Environment permissions can be assigned during the role creation process. To add specific environment permissions, follow the steps to Create or Edit a role, and scroll to the Environment Permissions section.
If you assigned the full access Environments permission to a role, a message will appear that says This Role has a permission to manage (create, delete, edit) all environments.
Environment Permissions
The following permission types are available for environments:
- Incident Actions Permission - Full access Ability to perform actions on all enrichment tags and incidents (assign, snooze, share, comment), minus environment configuration in the specified environment(s).
- View Incidents Permission - Read-only access to all enrichment tags and incidents in the specified environment(s) without the ability to change or perform any incident action.
Select environment(s) that you would like to assign access to from the drop down menus.
Users must have at least view-only access to at least one environment in order to log in and use the BigPanda UI.
Next Steps
Learn about User Management in BigPanda
Learn about Managing your personal account
Find your way around the BigPanda Settings page
Updated 5 months ago