Set permissions for policy categories

When you configure a policy category for a user role, you must specify which operations your operators are permitted to perform on policies that belong to this category. You can specify one or more of these operations for this policy category:

• Read: The operator can view the policy stream, but cannot modify or create policies.
• Deploy: The operator can deploy and undeploy policies and policy groups.
• Edit: The operator can create and modify policies.
• Delete: The operator can delete policy versions.

To specify permitted operations for this policy category

1. Open the User Roles dialog box if it is not already open.
   1. Select a node, service, or tool in the console tree.
   2. Click on the Configuration toolbar to open the User Role Configuration Editor and display the User Roles dialog box or right-click to open the shortcut menu and select Configure User Roles.
2. Click New to open the New User Role dialog box.
3. Select the Policies tab.
4. Enter the policy category name and click Add to add the name to the Enter category box.
5. Select the policy category name and click Permissions to open the Policy Permissions for Category dialog box.
6. Select the permissions you want to associate with this policy category by selecting the check box for the item.
7. Click OK to confirm your choices, close this dialog box, and return to the New User Role dialog box Policies tab.

You can also specify general administrative rights for user roles which are independent of policy categories. See Configure policies for user roles for details.

Related Topics:

• Configure policies for user roles