Configure Cloud Security policies and rule permissions, which appear under CLOUDSEC.
You can edit Cloud Security policies and rules permissions by selecting CLOUDSEC when creating or editing a role.
Users manage Cloud Security Policies and Rules by going to → and then selecting Cloud Security either under Policies or Rules.
Notice
Requires Cloud Posture Security, Cloud Runtime Security, or Cortex XSIAM Premium license.
Rules
Control Cloud Security Rules, which are individual security detection rules that Cloud Security Policies reference. They define specific configuration checks and compliance requirements, such as checking specific cloud resource settings, mapping specific compliance requirements, and pre-defined security best practice rules.
For more information, see Cloud Security Rules.
Permission | Description | Roles Example |
|---|---|---|
None | No access to Cloud Security Rules. | SOC Tier-1 Analyst: Focus on issue triage, not policy management. |
View | Read-only access to Cloud Security Rules, but can't take any action. |
|
View/Edit | Full edit access, including creating, editing, and deleting, copying, and enabling or disabling Cloud Security Rules. | Security Engineer: Create and maintain cloud security rules. |
Policies
Cloud Security Policies allow administrators to define and manage configuration and compliance policies for cloud infrastructure, such as checking cloud resource configurations, mapping compliance frameworks, and identifying security misconfigurations.
For more information, see Cloud Security Policies.
Permission | Description | Roles Example |
|---|---|---|
None | No access to Cloud Security Policies. | SOC Tier-1 Analyst: Focus on issue triage, not policy management. |
View | Users can access Cloud Security Policies, but can't take any action. |
|
View/Edit | Full edit access, including creating, editing, and deleting Cloud Security Policies. | Security Engineer: Create and maintain cloud security rules. |