User Roles and Permissions for Isolation
Isolation application has five out-of-the-box (OOTB) roles for ISL users:
- ISL Manager: This role has all the Isolation application permissions.
- ISL User: This role is created for the operators of the isolation job, who interact and manage isolation activities.
- Isolation Dashboard Author: This is a special role that is needed only for larger organizations that delegate development of dashboards to a dedicated team especially, one that does NOT operate/ manage the isolation jobs. This role includes all the Isolation Reader permissions.
- Isolation Reader: This role is granted to users with viewing/read-only capabilities developed to provide insight into the Isolation operations. This role has only view permissions on isolation jobs and dashboards.
- Isolation Config Manager: This role is granted to users to access the Configuration > Asset Isolation Exceptions tab. This role has permissions to add or remove IPs, applications or domains from the exceptions list for isolation.
View ISL Roles and Permissions
On the Role Management tab, create a role and view the role and related permissions. For more information, see Creating a Role and Managing Roles and Permissions.
Assigning tags and asset groups to a user
You can assign the required tags and asset groups to the users. For more information, see Managing Users.
User Roles Comparison
The ISL application has several permissions that are assigned to the user roles. The following table compares these permissions granted to the default user roles for ISL:
| Permissions and Description | Default Roles | ||||
|---|---|---|---|---|---|
| ISL Manager | ISL User | Isolation Dashboard Author | Isolation Reader | Isolation Config Manager | |
| Manage Any Jobs: Allows users to create, delete, edit, enable or disable any jobs. | ✔ | ||||
| View Any Jobs: Allows sub users to view any jobs. | ✔ | ||||
| Manage Assigned Jobs: Allows users to created, delete, edit, enable or disable assigned jobs. | ✔ | ✔ | |||
| Manage Isolation Configs (View): Allows sub users to view isolation configurations under the Asset Isolation Exceptions tab. | ✔ | ✔ | ✔ | ✔ | |
| Manage Isolation Configs: Allows sub user to edit and delete isolation configurations under the Asset Isolation Exceptions tab. | ✔ | ✔ | |||
| Manage Dashboards: Allows sub users to create, edit, delete, dashboards and widgets for isolation. | ✔ | ✔ | ✔ | ||
| View Dashboards and other screens based on tag scopes | ✔ | ✔ | ✔ | ✔ | |
| View Assigned Jobs: Allows sub users to view their assigned jobs. | ✔ | ✔ | ✔ | ✔ | |