Categories
Some IBM Security Orchestration & Automation features are dependent on other features; therefore, those permissions are combined. For example, setting the Ability to view and modify permission enables full permissions for the various administration and customization features listed below that permission.
- Administration and Customization Permissions
- These permissions apply only to global roles. Except for two permissions, these permissions represent tabs accessible from the Administrator Settings or Customization Settings menu items. Users who do not have any of these permissions do not see the Administrator Settings or Customization Settings menu items. The exceptions are the Shared Dashboards, Filters, Reports permission, which allow users to share their custom analytics dashboards and search filters, and Manage Wiki Pages permission, which allows users to create, edit, and delete wiki pages.
- Incident Permissions
-
These permissions apply to both global and workspace roles. They determine how users interact with the various incident functions in all incidents. You should grant these permissions to a role where the user needs to access or manage those incidents where the user is not necessarily the incident owner or a member. By default, users not assigned a role can be assigned incidents, and manage those incidents when a member or owner of the incident.
- Artifacts Permissions
- These permissions apply only to global roles. The View the global list of Artifacts permission determines if users can view the list of artifacts, which is a list of all artifacts across all cases in the account. The Manage Artifacts permission controls if users with this permission can create and edit any artifacts in the account.
- Simulation Permissions
- This permission applies only to global roles. It determines if users can create simulations. It can work with or independently from the incident permissions. Users with this permission have the ability to create simulations in the default workspace, or select a different workspace if they have Create Incidents permissions for that workspace and if the workspace field is added to the new incident layout. Users without this permission do not see the Create case > Create simulation menu. If a role has Create Simulations but not Create Incident permissions, if they click Create from the menu, they see the Create Simulation screen. If the user has Create Incident and Create Simulations permission, they can choose whether to create a new incident or simulation from the Create button on the main menu. Only users with the Delete Incidents permission can delete simulations.
- Task Permissions
- These permissions apply to both global and workspace roles. They provide users with the ability to edit task names, phases, and instructions.
- Inbox Permissions
-
These permissions apply only to global roles. They determine if users can access the Inbox and emails in the inbox. Grant these permissions to a role where users need to view and triage emails from inbound email connections. Users without these permissions do not see the Inbox or the emails in the Inbox. Check the Access Inbox permission to grant permissions to a role to enable user to view the contents of the email inbox. Check the Download emails and Delete emails options to grant permissions to roles to download email content and delete emails from the Inbox.Note: The ability to download emails directly from the Email tab on an incident is controlled by the incident permission, Download Emails.