A permission set is a template that contains a collection of permissions which you can apply to a role globally. For example, you might want a View Only permission set that contains permissions which allow users to view, but not create or edit, data in CloudCheckr. A permission set eliminates the need to add or remove permissions separately, which can be time-consuming and inefficient—especially if you have a large and diverse cloud deployment.
Permissions enable any user with that permission to perform a certain function or task such as viewing cost alerts or managing account groups.
To make this terminology relatable to your CloudCheckr experience, lets say all members of your finance team use the same role. This role is assigned to a permission set that grants each member access to Cost and Billing reports. When a new team member joins, you can add them to the role so that they inherit the same permissions as their peers.
Permission sets are a component of CloudCheckr's Role Based Access Control (RBAC), which is a method for managing access based on the roles assigned to users.
The Permission Sets tab in Access Management is where you can view, search for, modify, or create a permission set.
Click a button to learn more about the actions you can perform in the Permission Sets tab:
This procedure shows you how to create a permission set.
- Click the Settings icon and select Access Management > Permission Sets.
- Click the + CREATE button.
- Type a name for the permission set.
- Type a description for the permission set if applicable.
- Select one or more permissions from the list.
Here is an example of what the screen would look like if you created a permission set that contains permissions which allow users to only view data in CloudCheckr:
- Click SAVE.