Configure data RBAC for Dashboards

Supported in:

This document explains how Google Security Operations administrators can assign scopes to dashboards. The Dashboards feature of Google Security Operations is built from charts populated using YARA-L 2.0 properties. By assigning scopes to a dashboard, you can control Data Role-Based Access Control (RBAC) limits on the data displayed. To understand how data RBAC works, see Overview of Data RBAC.

Before you begin

  • Review the core concepts of data RBAC, including access types, user roles, the function of labels and scopes, and the impact of data RBAC on Google SecOps features. For details about data RBAC, see Data RBAC overview.

  • Onboard your Google SecOps instance. For more information, see Onboard a Google SecOps instance.

  • Confirm you have the required roles to manage Identity and Access Management permissions.

Grant user access to Dashboards

To grant a user or group access to Dashboards, follow these steps:

  1. In the Google Cloud console, click IAM > Grant Access.

  2. In the New principals field, enter the email address for the user or group. To simplify management, we recommend to grant roles to Google groups, not individual users.

  3. In the Select a role list, search for "Chronicle SIEM", and then select the required predefined or custom role. For example, Chronicle SIEM Restricted Viewer.

  4. If you assigned a scoped role (like Restricted Viewer), you must also assign the user to a specific Log Scope to filter their data view. For more information, see Configure data access control using Log Scopes.

  5. Click Save.

The user now has the granted permissions for all dashboards they're authorized to see within the project.

Need more help? Get answers from Community members and Google SecOps professionals.