Predefined roles, pages, and permissions

Assigning roles to users allows you to control which parts of Guardium® Data Security Center they have access to. This topic lists the predefined roles that are included with Guardium Data Security Center.

Predefined roles

Table 1. Predefined roles
Name Description Default page access Default permissions
Access manager Can manage access and LDAP n/a
Administrator Can manage CM, report, all settings and pages
Auditor Can run compliance work flow and report user permissions
Compliance officer Can manage compliance work flow and report user permissions
Database administrator Can manage datasource, Amazon Kinesis, Azure and report user permissions
Default Default set of privileges for new users and roles
Security analyst Can manage analytics and report user permissions

Pages

Table 2. Pages
Page name Default role assignments
Actions list Administrator, Auditor, Compliance officer, Database administrator, Security analyst
Activity log Administrator, Auditor, Compliance officer
Alert rules Administrator
Risk Events Administrator, Auditor (view access only), Compliance officer (view access only), Database administrator, Security analyst (view access only)
Anomalies report Administrator, Database administrator
API keys All (view access only for all roles except Access manager)
Audit settings Administrator, Auditor (view access only), Compliance officer, Database administrator (view access only), Security analyst (view access only)
Connection credentials Administrator (view access only), Database administrator (view access only)
Connections Administrator, Database administrator
Data mart ingestion Administrator, Database administrator
Data sets Administrator
Distribution rules Administrator
GDP health Administrator, Database administrator
Getting started Administrator
Global settings Administrator
Groups Administrator, Auditor (view access only), Compliance officer (view access only), Database administrator, Default (view access only), Security analyst (view access only)
Guardium central managers Administrator, Database administrator
Guardium managed units Administrator, Database administrator
Initial setup Access manager
Integrations settings Administrator
LDAP settings Access manager, Administrator (view access only), Compliance officer (view access only), Database administrator
Notification settings Administrator
Notifications All
Notification details All (view access only for all roles except Administrator)
Dashboards All (view access only for all roles except Administrator)
Policies Administrator, Database administrator
Policy builder Administrator, Database administrator
Policy rule builder Administrator, Database administrator
Reports All (view access only for the Access manager and Default roles)
Risk events Administrator, Security analyst
Roles settings Access manager
Universal connector Administrator, Database administrator
Universal connector plugins Administrator (view access only), Database administrator (view access only)
User settings Access manager

Permissions

Table 3. Permissions
Permission Default role assignments
Connect data sources and add connector plugins Administrator, Database administrator
Create custom groups All except Access manager
Create custom reports All except Access manager
Create dashboards All except Access manager
Full access to all audit settings Administrator, Auditor
Manage all connectors to external data sources and connector plugins Administrator, Database administrator
Manage all predefined and custom groups Administrator
Manage all predefined and custom reports Administrator
Manage all predefined and custom reports Administrator
Manage all risk events engine configurations Administrator