Role Based Access Control in ADEM

Where Can I Use This?
  • Prisma Access (Managed by Strata Cloud Manager)
  • Prisma Access (Managed by Panorama)
What Do I Need?
  • Prisma Access license
  • Autonomous DEM license
ADEM provides role-based access control for IT administrators. Administrators who log in with the ADEM Tier 1 Support role get read-only access to the ADEM application only.
The ADEM Tier 1 Support role is available only for Prisma Access tenants that have migrated to the Prisma SASE platform.
To assign the ADEM Tier 1 Support role to an existing user, follow these steps:
  1. In the bottom-left corner of the left pane in the Prisma SASE user interface, click Tenants and Services > Identity & Access under Common Services.
  2. Select a tenant in the left pane on the Common Services page.
  3. Click Add. The Identity Information dialog opens.
  4. Enter the email address for the user under Identity Address and click Next.
  5. Select Prisma Access in the Apps & Services menu.
  6. Select ADEM Tier 1 Support under the Select a Role menu.
  7. Click Submit.
When administrators sign in with the ADEM Tier 1 Support role, they see the ADEM application only.
For details on Role-Based Access Control, refer to the documentation on Identity & Access and Manage Identity and Access Through the Prisma SASE Platform.
ADEM Permissions for the IAM Roles
| IAM Role | ADEM Permissions |
|---|---|
| superuser | read, write |
| view_only_admin | read |
| network_admin | read |
| security_admin | read |
| soc_analyst | read |
| auditor | read |
| tier_1_support | read |
| tier_2_support | read |
| iam_admin | none |
| data_security_admin | none |
| business_admin | none |
| msp_superuser | read, write |
| msp_iam_admin | none |