Roles

A Role is a grouping of users that interacts with data in Protegrity Data Security Platform. A Role can consist of users, groups, or a combination of both. It can be configured for Manual, Automatic, or Semi-Automatic retrieval of its members. Each Role is associated with specific data access privileges in the policy.

You can create, view, and manage Roles by navigating to Policy Management from the main menu, and choosing Roles & Member Sources.

Creating Roles

To create a role:

1. On the ESA Web UI, navigate to Policy Management > Roles & Member Source > Roles.

2. Click Add New Role.

   The New Role screen appears.

3. Enter a unique name for the role in the Name textbox.

   Note: Ensure that the length of the role name does not exceed 55 characters.

4. Enter the required description for the role in the Description textbox.

5. In the Mode drop-down, select a refresh mode.

   For more information about about mode types for a role, refer to section Role Refresh Modes.

6. If you want to apply this role to all members in all the member sources, click Applicable to all members. If enabled, the role is applied to all members in users or groups that do not belong to any other role.

   Note: It is recommended to enable Applicable to all members option only for unauthorized user roles. Using it for authorized roles may result in unintentionally open access level to sensitive data.

7. Click Save.

Managing Roles

Roles can be fully modified after they have been created.

Deleting Roles

To remove a Role:

1. On the ESA Web UI, navigate to Policy Management > Roles & Member Sources.

   The Roles tab appears by default.

2. Select the name of the role from the list, and click the Delete action.

   A confirmation dialog box appears.

3. Click OK.

   A message Role has been deleted successfully appears.