Add a Custom Admin Role

Create a custom role to define privileges needed for a specialized admin role on Prisma SaaS.
If you want to define more granular access privileges than what the predefined roles provide, you can add custom admin roles. Custom roles allow you choose the privileges associated with the role so that you can to restrict access to specific pages or actions on Prisma SaaS. When you then assign the role to an administrator, they inherit the privileges associated with the role.
The easiest way to create a custom role is to clone a predefined role, such as the Limited Admin role, and modify it to enable the access privileges for the interface elements that you want to allow for the administrator.
  1. Select
    Settings
    Roles
    and
    Add a New Role
    .
    You can create up to 50 custom roles. If you’d like to clone a predefined role, pick a predefined role, and select
    Actions
    Clone
    .
    clone-custom-admin-role.png
  2. Enter the
    Name
    for the new custom role.
  3. Edit
    the category—Explore, Incidents, Policy , Reports , Settings , Actions—for which you want to modify access privileges.
    For each interface element within a category, you can pick from the following options where applicable:
    • None—No access to the page.
    • View— Can view data on the pages.
    • View, Download—Can download snippets, CSV reports, and PDF reports, in addition to viewing data.
    • View, Download, Create—Can create configuration elements such as policies, data patterns and signatures.
    • Full Control—Can access and modify everything on the interface. Giving full control is equivalent to creating a Super Admin.
    After you make a selection, minimize the category to view the total count for each option.
    custom-admin-role.png
  4. Save
    your changes.

Related Documentation