Role Based Access Control (RBAC)

GorillaStack ships with three standard user roles: Admin, Member and Guest. When companies using GorillaStack have particular RBAC requirements we typically recommend creating custom Roles.

When creating a new Role, users can define inheritance between roles and define policies that either allow or deny privileges on different resources. For example, a team may decide that they only want to give their Developers read-only access, with additional privileges to manually execute their rules, as well as snooze/cancel privileges so that they can interact with schedule-based triggers. Using GorillaStack they could create a new role named 'Developer' which inherits from the Guest role, and includes an allow policy on Rules, allowing privileges of ManuallyExecute, Snooze and Cancel.

Creating a custom role

  1. First click the Roles link in the left nav for the User Management view User Management Roles
  2. Click Create Role
  3. Name your role and optionally add a description
  4. Define a parent role from which you want to inherit existing access policies User Management Create Role Inheritance
  5. Click Add Policy to add a policy to the custom Role
  6. Select allow or deny and then a resource type and a combination of privileges for that resource that you wish to allow or deny over that given resource. User Management Create Role Add Policy
  7. Continue to add as many policies as you require to customize access control for users with this Role
  8. Click Create Role to complete the Role creation

Next, we'll create a User Group