Roles and Resource Permissions

Build roles within your organization using this comprehensive list of permissions offered by BigPanda.

The out-of-the-box (not editable) roles provided by BigPanda are Admin and User. Admins can create and/or duplicate an unlimited amount of these roles and set user permissions for each of their organization's available resources.
BigPanda provides two types of permissions for each resource:

  • Read - Provides Read-Only access to the resource.
  • Full_Access - Provides Full access to all actions related to the resource (ie: view, create, edit, duplicate, delete).
Role ManagementRole Management

Role Management

BigPanda Resource Permissions

Build roles within your organization using the permissions specific to each individual BigPanda resource.

Permissions

Specifications

Related Docs

Search_Read

Read access to BigPanda Unified search.

Unified Search

Dashboards_Read
Dashboards_Full_Access

  • Read-only - view BigPanda Dashboards.
  • Full access - customize and interact with BigPanda Dashboards.

Dashboards

Analytics_Read

  • Read-only - view BigPanda Analytics.

Analytics

Integrations_Read
Integrations_Full_Access

  • Read-only - view BigPanda Integrations in the BigPanda Integrations tab.
  • Full access - view, install, uninstall and/or work with integrations in the BigPanda Integrations tab.

Integrations

Users_Read
Users_Full_Access

  • Read-only - view the list of Users in BigPanda Settings.
  • Full access - view, add, edit and delete Users in BigPanda Settings.

Users

Users/management_Read
Users/management_Full_Access

  • Read-only - view the User Management screen.
  • Full access - view, add, edit and delete BigPanda Users. Requires Users_Full_Access.

User Management

Users/roles_Read
Users/roles_Full_Access

  • Read-only - view the User Roles screen.
  • Full access - view, add, edit and delete BigPanda User Roles.

User Roles

Roles_Read
Roles_Full_Access

  • Read-only - view the Role Management section.
  • Full access - view, add, edit and delete BigPanda Roles.
    Note: Add Permissions_Full_Access for access to these permissions.

Role Management

Notifications_Read
Notifications_Full_Access

  • Read-only - view existing Autosharing settings in the BigPanda Settings.
  • Full access - view, add, edit and delete Autosharing settings in the BigPanda Settings.

Notifications (AutoSharing)

Custom_tags_Read
Custom_tags_Full_Access

  • Read-only - view existing custom tags in the BigPanda Settings.
  • Full access - preview and create new and inactive Extraction and Composition tags in the BigPanda Settings.

Custom Tags

Correlations_Read
Correlations_Full_Access

  • Read-only - view existing correlation patterns in the BigPanda Settings.
  • Full access - preview and create new correlation patterns in the BigPanda Settings.

Correlation Patterns

Quotas_Read
Quotas_Full_Access

  • Read-only - view existing rate limitations in the BigPanda Settings.
  • Full access - view and edit rate limitations in the BigPanda Settings.

Quota Sharing

Apikeys_Read
Apikeys_Full_Access

  • Read-only - view the existing API Keys in the BigPanda Settings.
  • Full access - view existing API keys and name, assign and describe new API keys in BigPanda Settings.

API Keys

Sso_Read
Sso_Full_Access

  • Read-only - view the Single Sign-on section in BigPanda Settings.
  • Full access - view, select, add, configure, validate and integrate a Single Sign-on provider in BigPanda Settings.

Single Sign-On

Changes_Read
Changes_Full_Access

  • Read-only - view the Related Changes section in the incident details.
  • Full access - view and mark changes as Suspect or Match.

Changes

Topology_Read
Topology_Full_Access

  • Read-only - view the Topology section in the incident details.
  • Full access - access and configure the Topology graph via the Topology UI API.

Topology

Plans_Read
Plans_Full_Access

  • Read-only - view the Maintenance Plans section and the Plans V1 and Maintenance Plans V2 (Beta) APIs.
  • Full access - view and interact with the Maintenance Plans section and use the Plans V1 and the Maintenance Plans V2 (Beta) APIs to configure maintenance plans. Use the Schedules API to define the specific start and end times of Plans configured with the Plans V1 API.
    Use these Read and Full permissions for both the Plans V1 API and the Maintenance Plans V2 API.

Maintenance Plans V1 API

Schedules_Read
Schedules_Full_Access

  • Read-only - view the Schedules API.
  • Full access - use the Schedules API to define the specific start and end times of Plans configured with the Plans V1 API.

Schedules API

Enrichments_Read
Enrichments_Full_Access
Enrichments-jobs_Read
Enrichments-jobs_Full_Access

  • Read-only - view the Enrichments API.
  • Full access - use the Enrichments API to view and define mapping enrichments.

Enrichments API

Audit_logs_Read

  • Read-only - view the Audit Log API.*

Audit Log API

Incident-tags-definitions_Read

  • Read-only - View the Incident Tags section of the BigPanda Settings.

[Incident Tags](https://docs.bigpanda.io/docs/incident-tags-beta

Incident-tags-definitions_Full_Access

  • Full access - View, create and edit incident tags in the Incident Tags section of the BigPanda Settings.

Managing Incident Tags

Granular Environment Permissions

BigPanda RBAC provides roles and permissions to control and manage access to different resources in BigPanda.
Granular RBAC applies exclusively to BigPanda Environments, defining permissions at the single environment level.
To set and assign Granular permissions, start with the name of the environment to which privileges will be assigned, followed by _Read and _Incident_Actions, ie: YourEnvironment_Read

🚧

Users must have access to at least one environment, either read-only or with actions, in order to be able to use BigPanda.

Permission

Description

Environments_Full_Access

Read, edit and delete actions for all environments.
Full access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) in all environments.

Environments_Incident_Actions

Full access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) minus environment configuration in all environments.

Environments_Read

Read-only access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) in all environments without the ability to change or submit any new incident action.

<ENV_NAME>_Incident_Actions

Granular - Full access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) minus environment configuration in the specified environment(s).

<ENV_NAME>_Read

Granular - Read-only access to all enrichment tags and incident actions (ie: assign, snooze, share, comment) in the specified environment(s) without the ability to change or submit any new incident action.

📘

Replace <ENV_NAME> with the relevant environment name.