Cloud DSPM Role Based Access Control (RBAC)

Overview

Cloud DSPM now supports fine-grained authorization and role-based access policies via the Forcepoint Platform (DSC) Identity Provider for centralized user and role management.

For the system-generated roles and entitlements, see Cloud DSPM Entitlements.

Note:

A role can be assigned one or more DSPM entitlements.

Any updates to DSPM entitlements assigned to a role require the user to re-login for the changes to take effect.

For any existing users, who encounter issues while accessing the DSPM console—such as receiving an “Access Denied” message—they should verify that DSPM entitlement is assigned to the concern user role.

To add any DSPM entitlement to any role, follow the steps given in How To add an Entitlement to a Role.

How To add an Entitlement to a Role

The below procedure provides step by step guidance to add DSPM Super Administrator entitlement to an Admin role. Similarly, you can add any entitlement to a role by following the steps below:

  1. Log in to the Forcepoint Platform (DSC) as an admin user.
  2. Navigate to Admin > Roles under PLATFORM SERVICES.

  3. Select the Admin role to edit.

  4. The Edit menu opens.
  5. Click on Entitlements or use the Forward Arrow Icon to expand the section.

  6. Search for DSPM Super Administrator in the Entitlements panel and add it using the + button.

  7. Click on Update to save the changes.