Roles Management

Roles and permissions control the levels of access to different features in BigPanda.

👍

Welcome to the New Docs Site Structure!

BigPanda docs moved to this new organization on September 30th, 2022.

If you're not finding what you're looking for, let us know what's missing in this short survey.

BigPanda provides two built-in roles: Admin and User. These roles are configurable to define the level of access granted to your organization's BigPanda users. A user may have one or more roles, and each role may have one or more permissions associated with it. The same role can be duplicated and assigned to multiple users.

Role-Based Access Control (RBAC) in BigPanda allows you to dictate the level of a user's access to resources and is customizable by resource and role.

The two permission types provided by BigPanda are:

  • Read-only - the user can only view the resource, they cannot interact with or edit it in any way.
  • Full Access - the user has the ability to perform actions related to the resource (ie: Create, Read, Edit, Delete, etc.).
    For more information about User Roles in BigPanda, see the Roles and Resource Permissions guide.
Settings Dropdown > Role ManagementSettings Dropdown > Role Management

Settings Dropdown > Role Management

Key Features

  • Create and customize roles to restrict the availability of your organization's sensitive content, making it accessible on a per-user basis.
  • Control the degree to which resources are available to select users within your organization.
  • Protect your organization's resources by enforcing the Principle of Least Privilege. Give users the lowest level of access required to perform their role, limiting the scope of any damage caused by issues with one resource.
  • The separation of duties provided by Role-Based Access Control localizes areas of access, providing very clear parameters for each user's responsibilities.

Relevant Permissions

Only users with Full access can grant role permissions for a newly created resource. Add Permissions_Full_Access for access to these permissions.

Role NameDescription
Roles_ReadRead-only - View the Role Management section.
Roles_Full_AccessFull access - View, add, edit and delete BigPanda Roles.

Create a New Role

  1. In the top right, click the Settings cog icon, and then click Roles Management.
  2. Click New Role.
  1. Name the new role.
  2. (Optional) Add Users, Permissions, and Environment Access to the role, as described below.

Field

Description

Role Name

Enter a unique role name.

Users

(Optional) Select the users to which this role will be added.

Permissions

(Optional) Add permissions to resources (other than environments).
Permissions are divided into Read access (ie: Dashboards_Read) and Full access (ie: Dashboards_Full_Access).

Environment Access

Add permissions to environments.

There are three global Environments permissions:
Environments_Full_Access - full access to environment configuration and incident action for all environments.
Environments_Incident_Actions - Access to all environments and the ability to perform incident actions (except for environment configuration).
Environments_Read_Only - Read only access to all environments and incident actions.

BigPanda also offers Granular Environment Permissions, allowing admins to assign access on a per-environment basis. To assign access to a specific environment, add the name of the environment to the permission you wish to assign (ie: _Read).

  1. Click Create Role.

Edit a Role

  1. In the top right, click the Settings cogwheel icon, and then click Roles Management.
  2. Select a role and click Edit Role.
  1. Edit the role's details and click Edit Role.

Duplicate a Role

  1. In the top right, click the Settings cogwheel icon, and then click Roles Management.
  2. Select a role and click Duplicate Role.
  1. (Optional) Name the duplicated role and edit its Users, Permissions, and Environment Access to your new specifications.
  2. Click Duplicate Role.

Delete a Role

  1. In the top right, click the Settings cog icon, and then click Roles Management.
  2. Click Delete Role.

Roles and Resource Permissions

BigPanda Role Based Access Control (RBAC) allows you to create custom roles that have granular access to sections and actions within BigPanda.

BigPanda Resource Permissions

Build roles within your organization using the permissions specific to each individual BigPanda resource.

Permissions

Specifications

Related Docs

Search_Read

Read access to BigPanda Unified search.

Unified Search

Dashboards_Read
Dashboards_Full_Access

Read-only - view BigPanda Dashboards.
Full access - customize and interact with BigPanda Dashboards.

Dashboards

Analytics_Read

  • Read-only - view BigPanda Analytics.

Analytics

Integrations_Read
Integrations_Full_Access

Read-only - view BigPanda Integrations in the BigPanda Integrations tab.
Full access - view, install, uninstall and/or work with integrations in the BigPanda Integrations tab.

Integrations

Users_Read
Users_Full_Access

Read-only - view the list of Users in BigPanda Settings.
Full access - view, add, edit and delete Users in BigPanda Settings.

Users

Users/Management_Read
Users/Management_Full_Access

Read-only - view the User Management screen.
Full access - view, add, edit and delete BigPanda Users. Requires Users_Full_Access.

User Management

Users/Roles_Read
Users/Roles_Full_Access

Read-only - view the User Roles screen.
Full access - view, add, edit and delete BigPanda User Roles.

User Roles

Roles_Read
Roles_Full_Access

Read-only - view the Role Management section.
Full access - view, add, edit and delete BigPanda Roles.
Note: Add Permissions_Full_Access for access to these permissions.

Roles Management

Notifications_Read
Notifications_Full_Access

Read-only - view existing Autosharing settings in the BigPanda Settings.
Full access - view, add, edit and delete Autosharing settings in the BigPanda Settings.

AutoShare

Custom_Tags_Read
Custom_Tags_Full_Access

Read-only - view existing custom tags in the BigPanda Settings.
Full access - preview and create new and inactive Extraction and Composition tags in the BigPanda Settings.

Custom Tags

Correlations_Read
Correlations_Full_Access

Read-only - view existing correlation patterns in the BigPanda Settings.
Full access - preview and create new correlation patterns in the BigPanda Settings.

Correlation Patterns

Quotas_Read
Quotas_Full_Access

Read-only - view existing rate limitations in the BigPanda Settings.
Full access - view and edit rate limitations in the BigPanda Settings.

Sharing Quotas

Apikeys_Read
Apikeys_Full_Access

Read-only - view the existing API Keys in the BigPanda Settings.
Full access - view existing API keys and name, assign and describe new API keys in BigPanda Settings.

API Keys

Sso_Read
Sso_Full_Access

Read-only - view the Single Sign-on section in BigPanda Settings.
Full access - view, select, add, configure, validate and integrate a Single Sign-on provider in BigPanda Settings.

Single Sign-On

Changes_Read
Changes_Full_Access

Read-only - view the Related Changes section in the incident details.
Full access - view and mark changes as Suspect or Match.

Changes

Topology_Read
Topology_Full_Access

Read-only - view the Topology section in the incident details.
Full access - access and configure the Topology graph via the Topology UI API.

Topology

Plans_Read
Plans_Full_Access

Read-only - view the Maintenance Plans section and the Plans V1 and Maintenance Plans V2 (Beta) APIs.
Full access - view and interact with the Maintenance Plans section and use the Plans V1 and the Maintenance Plans V2 (Beta) APIs to configure maintenance plans. Use the Schedules API to define the specific start and end times of Plans configured with the Plans V1 API.
Use these Read and Full permissions for both the Plans V1 API and the Maintenance Plans V2 API.

Maintenance Plans V1 API

Schedules_Read
Schedules_Full_Access

Read-only - view the Schedules API.
Full access - use the Schedules API to define the specific start and end times of Plans configured with the Plans V1 API.

Schedules API

Enrichments_Read
Enrichments_Full_Access
Enrichments-Jobs_Read
Enrichments-Jobs_Full_Access

Read-only - view the Enrichments API.
Full access - use the Enrichments API to view and define mapping enrichments.

Enrichments API

Audit_Logs_Read

Read-only - view the Audit Log API.

Audit Log API

Incident-Tags-Definitions_Read

  • Read-only - View the Incident Enrichment section of the BigPanda Settings.

Incident Enrichment

Incident-Tags-Definitions_Full_Access

  • Full access - View, create and edit incident tags in the Incident Tags section of the BigPanda Settings.

Manage Incident Enrichment

Granular Environment Permissions

BigPanda RBAC provides roles and permissions to control and manage access to different resources in BigPanda.
Granular RBAC applies exclusively to BigPanda Environments, defining permissions at the single environment level.
To set and assign Granular permissions, start with the name of the environment to which privileges will be assigned, followed by _Read and _Incident_Actions, ie: YourEnvironment_Read

🚧

Users must have access to at least one environment, either read-only or with actions, in order to be able to use BigPanda.

Permission

Description

Environments_Full_Access

Read, edit and delete actions for all environments.
Full access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) in all environments.

Environments_Incident_Actions

Full access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) minus environment configuration in all environments.

Environments_Read

Read-only access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) in all environments without the ability to change or submit any new incident action.

<ENV_NAME>_Incident_Actions

Granular - Full access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) minus environment configuration in the specified environment(s).

<ENV_NAME>_Read

Granular - Read-only access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) in the specified environment(s) without the ability to change or submit any new incident action.

📘

Replace <ENV_NAME> with the relevant environment name.

Next Steps

Learn about User Management in BigPanda

Learn about Managing your personal account

Find your way around the BigPanda Settings page