Role Based Access Control (RBAC)

While GorillaStack ships with three standard user roles, we have highly customisable role based access control. Users can define inheritance between roles and define policies that either allow or deny privileges on different resources. For example, a team may decide that they only want to give their Developers read only access, with additional privileges to manually execute their rules, as well as snooze or cancel them if they are schedule based. Using GorillaStack they could create a new role named 'Developer' which inherits from 'Guest', and create an allow policy on Rules, allowing privileges of ManuallyExecute, Snooze and Cancel.

Creating a custom role

  1. First click the "Roles" link in the left nav for the "User Management" view User Management Roles
  2. Click "Create Role"
  3. Name your role and optionally add a description
  4. Define a parent role from which you want to inherit existing access policies User Management Create Role Inheritence
  5. Click "Add Policy" to add a policy to the custom Role
  6. Select allow or deny and then a resource type and a combination of privileges for that resource that you wish to allow or deny over that given resource. User Management Create Role Add Policy
  7. Continue to add as many policies as you require to customise access control for users with this Role
  8. Click "Create Role" to complete the Role creation

Next, we'll create some UserGroups