User Groups Permission Set
You can create custom user groups and assign the following permissions:
View: You can define permissions to view the data of the feature. If you do not give view permissions, the whole feature is hidden in the application user interface and is not visible to the users.
Create & Update: You can define permissions to create or update an entity for the feature.
Additional Permissions
You can also assign additional permissions that are specific to every feature to custom user groups. The permissions are specific to features in Orchestrate.
Apps
Install Apps: Allows users to install apps from the Appstore.
Run Actions using Open API: Allows users to execute app actions using Open API. For example, with this permission, Respond users can execute app actions from the incident terminal.
Note
Respond integration is required for this feature.
Uninstall Apps: Allows users to uninstall apps from Main Menu > Appstore.
Import Apps: Allows users to import apps from Main Menu > Appstore.
Code Snippet
Delete Code Snippets: Allows users to delete code snippets from Main Menu > Resource Library > Code Snippets.
Email Template
Delete Email Template: Allows users to delete email templates from Main Menu > Resource Library > Email Templates.
Persistent List
Delete Persistent List: Allows users to delete an existing persistent list from Main Menu > Persistent List.
Playbooks
Publish Playbook: Allows users to publish playbooks from Main Menu > Manage Playbooks list.
Run Playbooks: Allows users to run playbooks from Main Menu > Manage Playbooks list.
Approve Playbook Execution via Email: Allows users to approve on-hold playbooks from the email notification sent from the platform.
Import Playbook: Allows users to import playbooks to Main Menu > Manage Playbooks -> My Playbooks list.
Restore Playbook Version: Allows users to restore a playbook to an older version using the playbook version restore feature.
Publish Playbook: Allows users to publish a playbook from one workspace to another.
Delete Playbook Version: Allows users to delete an older version of a playbook.
Delete Playbook: Allows users to delete playbooks.
Import Playbook: Allows users to import playbook from Main Menu > Manage Playbooks list.
User Group Permission Map
The following table shows the permissions mapped to features of Orchestrate:
User Group Permission | View | Create & Update | Additional Permissions | Feature Accessibility |
|---|---|---|---|---|
App Instances | Yes | Yes | No | Main Menu > Apps > Instances |
Apps | Yes | Yes | Yes | Main Menu > Apps |
Audit Logs | Yes (Allows users to view Activity Logs and API Request Logs) | No | No | Admin Panel > Audit Logs |
Authentication | Yes | Yes | No | Admin Panel > Authentication |
Code Snippets | Yes | Yes | Yes | Main Menu > Resource Library > Code Snippets |
Configurations | Yes | Yes | No | Admin Panel > Configurations |
Configure Events | Yes | Yes | No | Main Menu > Configure Triggers |
Console Status | Yes | No | No | Admin Panel > Console Status |
Cyware Agent Configuration | Yes (Allows users to view Cyware Agent Configurations) | Yes (Allows users to install Cyware Agent using terminal and Open APIs) | No | Access from the platform and Cyware Agent Open APIs. |
Cyware Agent Tasks | Yes (Allows users to view Cyware Agent tasks) | Yes | No | Main Menu > Cyware Agent Tasks |
Dashboard | Yes | No | No | Main Menu > Dashboard |
Email Template | Yes | Yes | Yes | Main Menu > Resource Library > Email Templates |
Labels | Yes | Yes | No | Main Menu > Labels |
License Management | Yes | Yes | No | Admin Panel > License Management |
Notification Management | Yes | Yes | No | Admin Panel > Notification Management |
Open APIs | Yes | Yes | No | Admin Panel > Open APIs |
Persistent List | Yes | Yes | Yes | Main Menu > Persistent List |
Playbooks | Yes | Yes | Yes | Main Menu > Manage Playbooks |
Run Logs | Yes | No | No | Main Menu > Run Logs |
Source Events | Yes | Yes | No | Main Menu > Trigger Events |
Tags | Yes | Yes | No | Admin Panel > Playbook Tags |
Tenant Management | Yes | Yes | No | Admin Panel > Tenant Management |
User Groups | Yes | Yes | No | Admin Panel > User Groups |
User Management | Yes | Yes | No | Admin Panel > User Management |
Webhook | Yes | Yes | No | Admin Panel > Webhooks |
Read Only User Group Permission Map
The following table shows the permissions mapped to features of Orchestrate:
User Group Permission | View | Create | Feature Accessibility |
App Instances | Yes | No | Main Menu > Apps > Instances |
Apps | Yes | No | Main Menu > Apps |
Code Snippets | Yes | No | Main Menu > Resource Library > Code Snippets |
Configure Events | Yes | No | Main Menu > Configure Triggers |
Cyware Agent Tasks | Yes | No | Main Menu > Cyware Agent Tasks |
Dashboard | Yes | No | Main Menu > Dashboard |
Email Templates | Yes | No | Main Menu > Resource Library > Email Templates |
Labels | Yes | No | Main Menu > Labels |
Persistent List | Yes | No | Main Menu > Persistent List |
Playbooks | Yes | No | Main Menu > Manage Playbooks |
Run Logs | Yes | No | Main Menu > Run Logs |
Source Events | Yes | No | Main Menu > Trigger Events |
Additional Permissions
For playbooks, you can assign the following additional permissions to read-only user groups:
Approve Playbook Execution via Email: Allows users to approve on-hold playbooks from the email notification sent from the platform.