Workbench Roles and Permissions
List of Roles and Permissions used in the Policy Workbench.
Roles are templates that include permissions and users can be assigned to one or more roles. All users in the appliance must be associated with a role.
The roles packaged with Policy Workbench are as follows:
| Roles | Description | Permissions |
|---|---|---|
| workbench_administrator | Full administrative access to workbench. | workbench_management_policy_write, workbench_deployment_immutablepackage_export, workbench_deployment_certificate_export |
| workbench_viewer | Read-only access to workbench. | workbench_management_policy_read |
| workbench_deployment_administrator | Administrative access to workbench deployments. | workbench_deployment_immutablepackage_export, workbench_deployment_certificate_export |
The capabilities of a role are defined by the permissions attached to the role. Though roles can be created, modified, or deleted from the appliance, permissions cannot be edited. The permissions that are available to map with a user and packaged with Policy Workbench as default permissions are as follows:
| Permissions | Description |
|---|---|
| workbench_management_policy_write | Allows management of policies and configurations. |
| workbench_management_policy_read | Allows viewing of policies and configurations. |
| workbench_deployment_immutablepackage_export | Allows exporting encrypted resilient packages. |
| workbench_deployment_certificate_export | Allows exporting certificates used by protectors for dynamic resilient packages. |
Feedback
Was this page helpful?