Manage User Groups - User Guide - 2 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Expander User Guide

Product
Cortex XPANSE
Version
2
Creation date
2024-05-22
Last date published
2024-07-16
Category
User Guide
Solution
Cloud
Abstract

User groups enable you to define a common role and scope for multiple users at once in a Cortex Xpanse tenant.

User groups enable you to define a common role and scope for multiple users at once. On the User Groups page, you can create user groups and manage existing user groups for a Cortex Xpanse tenant.

Note

If you assign a user to more than one user group with different permissions, the user will get a superset of the permissions.

The User Groups list view provides the following fields of information.

  • Group Name—Name of the user group.

  • Description —Description of the user group.

  • Role—Lists the group role associated with this user group. You can only have a single role designated per group.

  • Users—Lists all the users belonging to this user group.

  • Nested Groups—Lists any nested groups associated with this user group.

  • IDP Groups—When SSO is enabled in Cortex Xpanse , this column indicates your organization's Identity Provider (IdP) groups that are automatically mapped to the user group.

  • Insert Time—Date and time when the user group was added.

  • Update Time—Date and time of when the user group was last updated.

  • Scope—Tags assigned to the user group for scope-based access control.

  • Source—Displays the source of the user group as either a user group imported from Active Directory or a Custom user group created in Cortex Xpanse .

You can also pivot (right-click) from rows and specific values in the table, where a number of different options are available to help you manage your Cortex Xpanse user groups from this page.

  • Save an existing group as a new group.

  • Edit a group.

  • Remove a group.

  • Copy text to clipboard.

  • Copy the entire row.

  1. Select SettingsConfigurationsAccess ManagementUser Groups.

    In the User Groups page, a number of different options are available to help you manage user groups.

  2. Manage your Cortex Xpanse user groups.

    The following options are available to help you manage user groups, which you can perform on one or more user groups at a time.

    • Create a new user group for a number of different system users or groups.

      1. Select New Group.

      2. Set the following parameters in the New Custom Group window.

        -Specify the Name and Description for the user group.

        -Role—(optional) Select a role that you want to designate for this user group, where only a single role can be assigned to a group.

        -Users—(optional) Select the user(s) that you want to belong to this user group, where you can also use the search field to narrow down the list of users.

        -Nested Groups—(optional) Select the nested group(s) that you want to be associated with this user group.

        The nested group overrides any settings you select in the Role section. If you add a nested group, the group has both the nested role permissions and its own permissions. For example, if when editing User Group A, in the Nested Groups section, you add Group B, Group A has the permissions of both Group A and Group B.

        -SAML Group Mapping—(optional) Specify the name of the group(s) in your organization’s Identity Provider (IdP) that you want to automatically map to this user group in Cortex Xpanse . This option is only displayed when single sign-on is enabled.

      3. Create the user group.

    • Save an existing group as a new group.

      1. Select the user group or right-click the user group, and select Save as New Group.

      2. Set the following parameters in the New Custom Group window.

        -Specify the Name and Description for the user group.

        -Role—Leave the designated role or select a new role that you want to designate for this user group.

        -Users—Leave the current user(s) or select the user(s) that you want to belong to this user group. You can also use the search field to narrow down the list of users.

        -Nested Groups—Leave the current nested group(s), select the nested group(s) that you want to be associated with this user group, or remove all nested groups if you don’t want any defined.

        -SAML Group Mapping—Leave the current IdP group name, specify the group(s) in your organization’s Identity Provider (IdP) that you want to automatically map to this user group in Cortex Xpanse , or remove all IdP groups if you don’t want any defined. This option is only displayed when single sign-on is enabled.

      3. Create the user group.

    • Edit a user group.

      1. Select the user group or right-click the user group, and select Edit Group.

      2. Set the following parameters in the Edit Custom Group window.

        -Update the Name and Description for the user group.

        -Role—Leave the designated role or select a new role that you want to designate for this user group.

        -Users—Leave the current user(s) or select the user(s) that you want to belong to this user group. You can also use the search field to narrow down the list of users.

        -Nested Groups—Leave the current nested group(s), select the nested group(s) that you want to be associated with this user group, or remove all nested groups if you don’t want any defined.

        -SAML Group Mapping—Leave the current IdP group name, specify the group(s) in your organization’s Identity Provider (IdP) that you want to automatically map to this user group in Cortex Xpanse , or remove all IdP groups if you don’t want any defined. This option is only displayed when single sign-on is enabled.

      3. Save your changes.

    • Remove a user group.

      1. To remove more than one user group, select the user groups, right-click, and select Remove Groups.

        To remove one user group, select the user group or right-click the user group, and select Remove Group.

      2. Click Delete in the window that is displayed.

    • Copy text to clipboard to copy text from a specific row field in the row of a user group.

    • Copy entire row to copy the text from all the fields in a row of a user group.