Manage Roles

Cortex XDR enables you to manage roles in the Access Management console.
You can manage roles for a specific tenant only using the
Cortex
XDR
Access Management
console.
In the
Roles
page,
Cortex
XDR
lists the Predefined User Roles for Cortex XDR and custom defined roles. Use roles to assign specific view and action access privileges to administrative user accounts. The way you configure administrative access depends on the security requirements of your organization. The built-in roles provide specific access rights that cannot be changed. The roles you create provide more granular access control.
The following is a description of the different columns in the Roles table.
  • Role Name
    —Name of the role.
  • Created By
    —Displays either the email address of the user who created a custom role or for predefined roles one of the following options are displayed.
    • Palo Alto Networks
      —Predefined role granting user permissions in all tenants.
    • <
      user email address
      > —Custom role created in the gateway granting user permission to this tenant.
    • <
      user email address
      > —Custom role created in the
      Cortex
      XDR
      app granting user permission to this specific tenant.
  • Description
    —Description of the role.
  • Creation Time
    —Date and time when the role was created. The field is available for only a custom role.
  • Update Date
    —Date and time of when the role was last updated. The field is available for only a custom role.
  • Custom
    —Displays a boolean value of either
    Yes
    or
    No
    to indicate whether the role is a custom role.
When creating a
New Role
or editing an existing role, you can manage roles for all
Cortex
XDR
apps and services in the
Components
tab of the
Create Role
window. Role permissions for the various
Cortex
XDR
components are listed according to the sidebar navigation in
Cortex
XDR
. By assigning roles, you enforce the separation of viewing access and initiating actions among functional or regional areas of your organization.
  1. Select
    Settings
    Configurations
    Access Management
    Roles
    .
  2. Manage your
    Cortex
    XDR
    roles.
    Cortex
    XDR
    only displays the roles available on your tenant. To view the roles and permissions for multiple tenants, see Permission Management.
    In the
    Roles
    table, the following options are available to help you manage roles.
    • Create a custom role based on Cortex XDR Predefined roles.
      1. Locate the predefined role that you want to base your custom role on, right-click, and select
        Save As New Role
        .
      2. Specify a
        Role Name
        and update the
        Description
        .
      3. In the
        Components
        tab, where the components are listed according to the sidebar navigation in
        Cortex
        XDR
        , update the role permissions for each
        Cortex
        XDR
        component to
        None
        ,
        View
        , or
        View/Edit
        . Some components have an additional actions level to define.
      4. Create
        the role.
    • Create and save new roles based on the granular permission.
      1. Select
        New Role
        .
      2. Specify a
        Role Name
        and
        Description
        .
      3. In the
        Components
        tab, where the components are listed according to the sidebar navigation in
        Cortex
        XDR
        , update the role permissions for each
        Cortex
        XDR
        component to
        None
        ,
        View
        , or
        View/Edit
        . Some components have an additional actions level to define.
      4. Create
        the role.
    • Edit role permissions (only available for roles created in the tenant).
      1. Locate the custom role you want to edit, right-click, and select
        Edit Role
        .
      2. In the
        Components
        tab of the
        Edit Role
        window, where the components are listed according to the sidebar navigation in
        Cortex
        XDR
        , update the role permissions for each
        Cortex
        XDR
        component to
        None
        ,
        View
        , or
        View/Edit
        . Some components have an additional actions level to define.
      3. Edit
        the role.

Recommended For You