From the hub, you can use predefined roles to easily
assign user access to Cortex XDR views and actions.
Role-based access control (RBAC) enables you to use predefined
Palo Alto Networks roles to assign access rights to
users. You can manage roles for all
apps and services in the
management console. By assigning roles, you enforce
the separation of access among functional or regional areas of your
Each role extends specific privileges to users. The way you configure
administrative access depends on the security requirements of your
organization. Use roles to assign specific access privileges to
administrative user accounts. The Palo Alto Networks roles provide
specific access rights that cannot be changed, but can be saved
as a new role and edited according to your needs.
You can manage role permissions in
, which are listed by the various components according
to the sidebar navigation in
. Some components include additional action permissions,
such as pivot (right-click) options, which you can also assign access,
but only when you’ve given the user
to the applicable component.
The following tables describe the various
components and additional action permissions according
to the sidebar navigation that are associated with the Palo Alto
Networks predefined roles.
Some features are license-dependent. Accordingly, users
may not see a specific feature if the feature is not supported by
the license type or if they do not have access based on their assigned