Focus

Strata Multitenant Cloud Manager

Roles and Permissions

Table of Contents

Roles and Permissions

ThePrisma SASE App for ServiceNow uses specific user roles to ensure that each user has the appropriate level of access to the app's features and data. The following table lists the key roles available in the app and describes their associated permissions and responsibilities.

User Roles and Permissions

User	Role	Permission	Description
System Administrator	admin	Installation of the application App Initial Configuration Application Logs	The user with admin roles will install and configure the application.
Credential Admin	credential_admin	Permission to access credential tables	Users with the credential_admin role can manage the Prisma SASE Configuration and ServiceNow Configuration credentials.
Notification Profile User	x_paan_prisma_sase.notification_profile_user	Create and Manage Notification Profiles Enable Notification Profile	Users will be able to create, update and delete Notification Profiles.
ITIL Admin	itil_admin	Manage users with the ITIL role Configure and manage assignment groups	Users with this role can manage ITIL users, assignment groups, and ITSM configurations.
ITIL User	itil	Create, view, and update Incidents	Users with this role can create, update, and manage incidents.
Prisma SASE NOC Incidents User	x_paan_prisma_sase.prisma_sase_noc_incidents_user	Network Incidents	Users with the NOC incidents role will be able to view Prisma SASE Network Incidents.
Prisma SASE SOC incident user	x_paan_prisma_sase.prisma_sase_soc_incidents_user	Security Incidents	Users with the SOC incidents role will be able to view all other incidents which are not NOC incidents
Multi Tenant Dashboard User	x_paan_prisma_sase.multi_tenant_dashboard_user	Dashboards Threats Applications Licenses Tenant Resources View all tenant-level dashboards in the application.	Users with a Multi Tenant Dashboard User role can view multi-tenant dashboards, including Tenant Hierarchy, Threats, Applications, Licenses, and Tenant Resources.
Import user	x_paan_prisma_sase.import_user	Workflow Settings Import Template	A User with this role can create new automation workflow entries i.e user can upload template for any of the workflows
Workflow admin user	x_paan_prisma_sase.workflow_admin	Workflow Settings Import Template	User with this Role Can Approve/ reject
Onboarding New Tenant Workflow user	x_paan_prisma_sase.onboarding_new_tenant_workflow_user	Workflow Settings Onboarding New Tenant	User with this role can create Onboarding New Tenant Workflow via the UI form
Infrastructure User	x_paan_prisma_sase.infrastructure_workflow_user	Workflow Settings Infrastructure	User with this role can create Infrastructure Workflow via the UI form
Mobile User- User	x_paan_prisma_sase.mobile_users_result_viewer	Workflow Settings Mobile Users	User with this role can create Mobile User workflow via the UI form

Roles Required to Access Application Menus

Application Menu	Required Roles
Basic Settings	admin x_paan_prisma_sase.guided_setup_user
Incident settings Notification Profile	credential_admin x_paan_prisma_sase.notification_profile_user
Incidents Network Incidents	itil itil_admin x_paan_prisma_sase.prisma_sase_noc_incidents_user
Dashboards Threats Applications Licenses Tenant Resources	credential_admin x_paan_prisma_sase.multi_tenant_dashboard_user
Support & Logs Application Logs App Privacy Policy Get Help	workflow_admin x_paan_prisma_sase.support_user
Workflow Settings Import Template	credential_admin connection_admin x_paan_prisma_sase.import_user
Workflow Settings Onboarding New Tenant	credential_admin connection_admin x_paan_prisma_sase.onboarding_new_tenant_workflow_user
Workflow Settings Infrastructure	credential_admin connection_admin x_paan_prisma_sase.infrastructure_workflow_user
Workflow Settings Mobile Users	credential_admin connection_admin x_paan_prisma_sase.mobile_users_workflow_user
Workflow Settings ZTNA Connector	credential_admin connection_admin x_paan_prisma_sase.ztna_connector_workflow_user
Workflow Settings Service Connection	credential_admin connection_admin x_paan_prisma_sase.service_connection_workflow_user
Incident settings Log Forwarding Profile	credential_admin x_paan_prisma_sase.log_forwarding_profile_user
Automated Workflows Onboarding New Tenant	x_paan_prisma_sase.onboarding_new_tenant_result_viewer
Automated Workflows Infrastructure	x_paan_prisma_sase.infrastructure_result_viewer
Automated Workflows Mobile Users	x_paan_prisma_sase.mobile_users_result_viewer
Automated Workflows ZTNA Connector	x_paan_prisma_sase.ztna_connector_result_viewer
Automated Workflows Service Connection	x_paan_prisma_sase.service_connection_result_viewer
Automated Workflows Monitoring Mobile Users	x_paan_prisma_sase.monitor_mobile_users_user
Automated Workflows Monitoring All Tenants	x_paan_prisma_sase.monitor_all_tenant_user
Automated Workflows Monitoring Service Connections	x_paan_prisma_sase.monitor_service_connection_user
Incidents Security Incident	itil itil_admin x_paan_prisma_sase.prisma_sase_soc_incidents_user
Customer Support Ticket Create CSP Ticket Tickets	itil credential_admin connection_admin x_paan_prisma_sase.customer_support_portal_user

Roles Available for Tenant Assignment

x_paan_prisma_sase.notification_profile_user
x_paan_prisma_sase.prisma_sase_noc_incidents_user
x_paan_prisma_sase.multi_tenant_dashboard_user
x_paan_prisma_sase.support_user

Roles Restricted from Tenant Assignment

x_paan_prisma_sase.incident_severity_mapping_user
x_paan_prisma_sase.incident_state_mapping_user
x_paan_prisma_sase.domain_company_mapping_user

Customer Support Tickets