Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Roles Overview

A role is a function that is assigned to a user that defines the tasks that the user can perform in Juniper Security Director Cloud. A user can be assigned one or more roles depending on the tasks that the user is expected to perform.

User roles enable you to classify users based on the privileges assigned to perform tasks.

Types of Roles

  • Pre-canned roles—System-defined roles with a set of predefined access privileges. Predefined roles are created while deploying Juniper Security Director Cloud.

    • administrator—Users with the administrator role have full access to the portal and its API capabilities. An administrator can add users, create custom roles, and user groups.

    • operator—Users with the operator role have read-only access to the portal.

  • Custom roles—User-defined roles with a set of access privileges. Customized roles can be created by the administrator or a user with the privilege to create users.

Access Privileges

User roles define the access privileges and actions to access objects, such as dashboard, device templates, and devices. For example, a user role can contain permissions to read device configurations and delete alert objects.

Juniper Security Director Cloud provides the following privileges: Read, Create, Update, Delete, and other actions such as Stage Image and Deploy Image for software images.

Role Mapping

Local users can be assigned pre-canned or custom roles in Juniper Security Director Cloud. For SSO users, the default role assigned on the Single Sign-On Configuration page is applied. To assign a different custom role for an SSO user, create and assign a role with the same name and prefix the name with sdc_ in your IdP. For example, to assign an SSO user to "verification" role in the portal, you must first assign the user to "sdc_verification" group or rule in your IdP.