Aug 17 2020 05:27 AM
Hi,
Is it possible to create a custom RBAC role which only allows a user to work with Secure Score data (e.g view/export data and add/edit status updates/notes)? I want the user to perform these tasks but don't want them to have security-related permissions outside Secure Score.
Security Operator allows read/export but doesn't allow status/notes updates. Security Admin allows the latter but provides a raft of additional permissions which is undesirable.
I've not been able to find any documentation about creating custom RBAC roles for use with Secure Score. Does anyone know if this is possible?
Thanks.
Aug 17 2020 09:37 AM
Afaik no, you need to select one of the predefined roles that allows "write" access to Secure score.
Aug 18 2020 05:55 AM
@Vasil Michev I suspected as much. Far from ideal.