New CloudGuard Dome9 Feature: Permissions on Organizational Units
We're excited to announce we're enhancing our Role Based Access Control (RBAC) model. Today we added the ability to view/manage cloud accounts by associating users and roles with Organizational Units (OU).
Dome9 user management includes the ability to define access permissions. Each user or role can be restricted to specific cloud accounts managed by Dome9. The users can view data from specific cloud accounts on which they have "view" permissions, and manage setting (such as Security Groups definitions) in the cloud accounts on which they have "manage" permissions.
By introducing the new OU permissions, it is now possible to grant "view" or "manage" permissions to an entire OU. A user (or role) that was granted permissions to an OU would be allowed to view or manage all the cloud accounts associated with the OU and its descendants. This permission behavior is applied automatically to any cloud account that is being associated with the relevant OU.