Role Based Access Control in ADEM
Table of Contents
Role Based Access Control in ADEM
ADEM provides role-based access control
to the IT Administrators. Administrators who log in with ADEM Tier
1 Support role get read-only access to the ADEM application only.
The ADEM Tier 1 Support role is available only for Prisma
Access tenants that have migrated to the
Prisma SASE platform.
To assign the ADEM Tier 1 Support role to an existing user, follow
these steps:
- On the bottom left corner of the left pane in the Prisma SASE user interface, click underCommon Services.
- Select a tenant in the left pane on theCommon Servicespage.
- ClickAdd. TheIdentity Informationdialog opens.
- Enter the email address for the user underIdentity Addressand clickNext.
- SelectPrisma Accessin theApps & Servicesmenu.
- SelectADEM Tier 1 Supportunder theSelect a Rolemenu.
- ClickSubmit.
When Administrators sign in as ADEM Tier 1 Support role, they
see the ADEM application only as follows:
For details on Role-Based Access Control, refer to the documentation
on Identity & Access and Manage Identity and Access Through
the Prisma SASE Platform.
ADEM Permissions for the IAM Roles
IAM Role | ADEM Permissions |
|---|---|
superuser | read, write |
view_only_admin | read |
network_admin | read |
security_admin | read |
soc_analyst | read |
auditor | read |
tier_1_support | read |
tier_2_support | read |
iam_admin | none |
data_security_admin | none |
business_admin | none |
msp_superuser | read, write |
msp_iam_admin | none |