Policies - Cloud Workload permissions

Abstract

Configure Polices for Cloud Workload rules and policies.

Policies permissions control access to Cloud Workload rules and policies (Compute Policies). This module maintains security compliance, prevents misconfigurations, and reduces risks across your cloud environments. Users manage Cloud Workload Policies and Rules by going to Posture ManagementRules & Policies and then selecting Cloud Workload under Policies or Rules.

Notice

Requires Cloud Posture Security, Cloud Runtime Security, or Cortex XSIAM Premium license.

Cloud Workload Policies Controls

Controls the ability to view, create, edit, duplicate, and delete cloud workload policies and rules.

For more information, see Cloud Workload Policies and Rules.

Permission

Description

Roles Example

None

No access to Cloud Workload Policies and Rules. Users can't access Cloud Workload Policies even from within associated issues.

SOC Tier-1 Analyst: Focus on issue triage, not policy management.

View

Read-only access. Users can browse the policies table, open policy side panels to view details, view linked rules, search and filter policies, and export policy data. They cannot modify or take action on policies.

  • SOC Tier 2 and 3 Analysts: Reference policy configurations during investigations/deep analysis of policy effectiveness.

  • Threat Hunter: Understand policy coverage for threat hunting.

View/Edit

Full edit access. Users can create, edit, delete, and duplicate Cloud Workload Policies and Rules.

  • Security Engineer: Create and maintain compute security policies.

  • Cloud Security Architect: Full administrative access to policy management.