Documentation Center
AlienVault® USM Central™

Role-Based Access Control (RBAC) in USM Central

USM Central implements role-based access control (RBAC), which provides users with

  • the ability to restrict certain users from accessing administrative capabilities like adding new users
  • predefined roles that range from read-only access to full administrative capabilities so managers can easily select the appropriate role for a new user

There are three roles in USM Central

  • Read-Only — You can access views and search the system, but cannot make system changes that impact other users.
  • Analyst — You can view and search the system and perform all the same tasks as the Read-Only role, and also view alarms.
  • Manager — This role enables Analyst permissions and also allows you to update deployments, add or configure credentials for users, and view alarms.

Predefined Roles in USM Central

Action Read-Only User Analyst User Manager User
Anywhere Autologin
Alarms - Update
Deployments — Create
Deployments — Delete
Deployments — Read
Deployments — Update
Labels — Create
Labels — Read
Labels — Update/Delete *
Orchestration Rules — Create
Orchestration Rules — Delete
Orchestration Rules — Read
Orchestration Rules — Update
System Events — Read
Users — Create
Users — Delete
Users — Read
Users — Update Metadata
Users — Update My Status
Users — Update My Security and Preferences (User only) (User only)  (All users)

* Analysts with Select Deployment access will not have access to this function.