SaaS Security
Add SaaS Security Posture Management Administrators
Table of Contents
Add SaaS Security Posture Management Administrators
Add SSPM administrators to the Cloud Management console.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
Or any of the following licenses that include the Data Security license:
|
SaaS Security Posture Management (SSPM users are managed through the Common Services: Identity and Access
framework, which supports role-based access control (RBAC). By using Common
Services: Identity & Access, you can add a user to the platform and assign the user to a role. A role is a set
of permissions that determines what the user can access in SSPM. For example, based
on the roles assigned, one administrator might have full read and write access to
views and functions, while another user might have only read access. A set of predefined roles are available, and you
can also create custom roles tailored to your
organizational needs.
Create a Custom Role with SSPM Permissions
Custom roles enable you to choose the privileges associated with the role so that
you can restrict access to specific pages or actions in SSPM. For example, you
might have a user who needs to monitor SaaS security, but you don’t want them to
make any configuration changes. You also don’t want them to view information
about identity security. For this user, you can create a role that allows a user
to view the dashboard and applications pages. This role can also prevent a user
from onboarding applications and from viewing identity posture information.
- Log in to Strata Cloud Manager as a Super User and navigate the Identity & Access roles (.Add custom admin roles through Common Services. Edit the custom roles as per your requirement available under .
![]()
For each parameter within a category, choose from the following options:- No Access—No access to the page.
- Read— View data on the pages, view, and download reports.
- Write—Write operations, such as adding an application, changing an app's settings, or turning monitoring on or off.
Save your changes.After creating the custom admin roles assign it to specific users.After creating custom admin roles, the changes are reflected in the SSPM web interface. Any actions that are not permitted for a user based on their role are grayed out.
