Configure Data Sources (under Data Collection).
Enables the configuration and management of cloud and third-party data source integrations. This includes Cloud Service Provider (CSP) integrations (AWS, Azure, GCP), Cloud Workload Protection (CWP) instances, Cloud Access Security (CAS) connectors, and Outposts. S
Data Sources & Integrations page
Data Sources is managed under → → → . Access levels to the Data Sources & Integrations are determined with the Integrations permissions:
Data Sources permission only: Users can view the page and manage cloud accounts (CSP), Cloud Workload Protection (CWP) instances, and Cloud Access Security (CAS) connectors.
Integrations permission only: Users can view the page and manage data collection integration instances, specifically automation and feed integrations.
Both permissions: Users have full visibility and can manage both data sources and integrations on the same page.
Permission | Description | Roles Example |
|---|---|---|
None | Users cannot access the Data Sources & Integrations and Outposts pages. | SOC Tier-1 Analyst: Data source configuration is outside Tier-1 responsibilities. |
View | Read-only access to view all configured instances, connection status, last sync times, and configuration details on the Data Sources & Integrations and Outposts pages. |
|
View/Edit | Full control over data source management. Users can add new sources via the wizard, modify settings (credentials, sync intervals), enable/disable sources, and manage associated content items. | Security Engineer: Primary responsibility for configuring and maintaining data sources. |