Working with and modifying an individual group

When you open an individual group in Guardium® Insights SaaS, you can see its members and a summary of its details and any error messages related to it. You can also specify which user roles can access the groups - and you can modify the member list of any group that you have created (the only group members that cannot be modified are those in groups that you have imported from and kept in sync with Guardium).

Before you begin

By default, you must be assigned the Administrator role to be able to manage groups.
Important: If you have policy rules that use groups as rule conditions, modifying the groups by adding or removing members will result in reactivation of group members.

To open the Groups page, select Groups in the main menu. Open this menu by clicking the main menu icon (main menu))

Procedure

When you click on a group or select its checkbox and click Open, you are taken to its details page:
  • Members tab: This tab displays the group's members.
    • If the group that you opened is a parent group, the list of members that are displayed are child groups. If the group that you opened is not a parent group, the list that displays are not groups (they are just members). If you click Add member in a parent group, you will be adding a member-group. If you click Add member in a group that is not a parent, you will be adding a member.
    • To add one or more member-groups to a parent group, click Add member. Then, in the Add member-group dialog box, select the group to add. To add additional groups, click Add another. Do this for each group that you want to add and then click Save.
    • To add one or more members to a group that is not a parent, click Add member. Then, in the Add member dialog box, enter the member in the Member field. To add further Member fields in which you can add additional members, click Add another for each additional member. After adding more members, click Save.
    • To delete a member, click the Delete button (Delete icon) next to the member. To delete one ore more members, select the checkbox next to any member that you want to remove and then click Delete in the banner that opens.
    • To learn how to add members to a group that is not a parent from a comma-separated values (.csv) file, see Importing group members from a CSV file.
    • If you have an existing LDAP connection, you can add members to groups that are not parents from it. See Importing group members from LDAP for more information.
    • If you have opened a non-parent predefined group whose members have been modified, you can return the group to its default state by clicking Add member > Reset to default
    Note: You cannot modify group members if the group has been imported from and kept in sync with Guardium or imported from and kept in sync with LDAP. In addition, you cannot import group members from a CSV file or LDAP connection to a parent group.
  • Roles tab: This tab displays which user roles have access to the group. To modify access to the group, click Manage roles. In the Assign roles dialog box, select which roles have View access and/or Full access to the role and then click Save.
  • Summary tab: This tab contains general information such as the group type and the source of the group (if it is predefined, user-created, or imported). In addition, the tab indicates if the group is a parent group - and if there are any current information or error messages related to the group.