GorillaStack ships with three standard user roles: Admin, Member and Guest. When companies using GorillaStack have particular RBAC requirements we typically recommend creating custom Roles.
When creating a new Role, users can define inheritance between roles and define policies that either allow or deny privileges on different resources. For example, a team may decide that they only want to give their Developers read-only access, with additional privileges to manually execute their rules, as well as snooze/cancel privileges so that they can interact with schedule-based triggers. Using GorillaStack they could create a new role named 'Developer' which inherits from the Guest role, and includes an
allow policy on
Rules, allowing privileges of
denyand then a resource type and a combination of privileges for that resource that you wish to allow or deny over that given resource.