Forum Discussion
Jenkinso18
Aug 17, 2020Copper Contributor
Secure Score - Custom RBAC
Hi,
Is it possible to create a custom RBAC role which only allows a user to work with Secure Score data (e.g view/export data and add/edit status updates/notes)? I want the user to perform these tasks but don't want them to have security-related permissions outside Secure Score.
Security Operator allows read/export but doesn't allow status/notes updates. Security Admin allows the latter but provides a raft of additional permissions which is undesirable.
I've not been able to find any documentation about creating custom RBAC roles for use with Secure Score. Does anyone know if this is possible?
Thanks.
Afaik no, you need to select one of the predefined roles that allows "write" access to Secure score.
- Jenkinso18Copper Contributor
VasilMichev I suspected as much. Far from ideal.