Understanding the permissions IT users have over an application is fundamental to ensure a strict security policy.
Consider the following example, John Edwards has been given responsibility over the Directory application. One of the things he wants to understand is who has access to this application in the different environments and with what level of permissions.
To find out the permissions IT users have over the Directory application do the following:
In this list John can see the roles, and corresponding permissions, specific users have on Directory application. These specific permissions override any permission given to that user from a team assignment or the default role.
John can also understand which team has access to this application. Clicking on the Team gives John the visibility of the different permissions the members of that team have on that application. The permissions given by team assignment have precedence over the permissions given by the default role of a user.
Finally, John can identify the Roles that give access to this application. Clicking on the Role gives John the visibility of the users that have the role assigned as the default role.
In another example, Audrey Tor is executing a routine security audit. She wants to understand the permissions that John Mann has to ensure the company security policy is being enforced.
To find out the permissions of John, Audrey does the following:
In this detail page Audrey can see what applications John has been given specific access to and with which role.
Additionally Audrey can see that John has the Developer role in team CRM, which gives him 'Change & Deploy' permission in the Development environment for the applications the team manages.
Configure Security for an Infrastructure
Create a Role