Manage security
Understanding the manage security screen
This page enables administrators to manage access control across different areas of the system, each represented by a hierarchical path identifier (e.g. /projects/bank/assets). Security policies are composed of authorisation rules that can be assigned to individual users or LDAP groups. These rules govern the scope and level of permissions granted, defining what actions users are allowed to perform within the system.
You will need to have admin privileges in order to access this page.
Manage security policies
When on this page, you will be taken to the Security management -> Policies screen by default.
Each row includes:
| Column | Description |
|---|---|
| Name | The name describing the purpose of the security policy. |
| Description | Provides a short summary or purpose of the security policy. |
| Created by | The user who created the security policy. |
| Created at | Timestamp for when the security policy was created. |
| Updated at | Timestamp for when the security policy was last updated. |
| System | Whether it is a system-generated policy or a user-generated one. |
Buttons & links
| Buttons & links | Function |
|---|---|
| Search bar | Filter the contents of the table based on these criteria. |
| Columns | Hide or display columns in the table. |
| Create policy | Create a new security policy. |
Creating a security policy
To create a new policy, follow these steps:
- Click on the Create policy button
- Fill in the policy name, and optionally a description
- Click the Create policy button. The new policy will appear on the policies list. You can now start adding rules and assigning permissions within that policy.
Managing policy rules
Once you've created a security policy, you can begin adding rules to it. Available resource paths are listed on the right side of the screen. To add a path to the policy, hover over the desired path and click the Add to policy button. The selected path will then appear on the left side of the screen, where you can configure its read, update, and execute permissions.
You can add custom path rules by clicking on the Add custom path button.
Managing policy assignments
To activate a security policy, you must assign it to users and/or groups. Click on the Assignments tab to do so. This tab displays a list of users and groups currently associated with the policy.
Modifying policy assignments
To add/remove a user or group from the policy, follow these steps:
- Click on the Modify policy assignments button.
- Click on the Add assignee button.
- You will be given an option to select a user or a group.
- For existing assignments, there is a trash icon located on the right side if you need to remove that user/group from the policy.
- Click on the Update button to update the assignments.
Users
This tab contains the users and the policies that are assigned to it.
| Column | Description |
|---|---|
| Username | The name or identifier of the user. |
| Policies | Security policies currently assigned to the user. |
| Auth provider | The authentication source used to validate the user's identity. |
| Groups | List of LDAP groups that this user belongs to. |
| Created at | Timestamp for when the user was created. |
| Updated at | Timestamp for when the user was last updated. |
Buttons & links
| Buttons & links | Function |
|---|---|
| Search bar | Filter the contents of the table based on these criteria. |
| Columns | Hide or display columns in the table. |
Groups
This tab contains the list of LDAP groups.
| Column | Description |
|---|---|
| CN | The Common Name (CN) of the LDAP group. |
| ID | The full LDAP Distinguished Name (DN) of the group. |
| Alternative CN | An optional alternative name or alias for the LDAP group. |
| Members | List of users or entities that belong to this LDAP group. |
Buttons & links
| Buttons & links | Function |
|---|---|
| Search bar | Filter the contents of the table based on these criteria. |
| Columns | Hide or display columns in the table. |