The Role Reviewer is included in our Metacoda Security Plug-ins software. It is used to easily review all of the roles in your metadata to find out their members, any other roles that they contribute capabilities to, any other roles that they receive capability contributions from, the capabilities they provide to their members’ users and groups, any ACTs and ACEs that have been applied to protect them, and any external identities they may be associated with.
Key features in the Role Reviewer include:
- Roles table: displays a list of all roles present in metadata together with summary information and indicators for those roles. The table can be customized by hiding or showing columns, re-ordering or re-sizing columns, and sorting rows by any of the available columns. The filter bar allows you to quickly find a specific role of interest.
- Members tab: shows all of the direct and nested members of the currently selected role. The filter bar allows you to quickly determine if any user or group is a member of the selected role (regardless of the level of nesting) together with the path, or paths, by which they are a member.
- Contributions tab: if the selected role is a contributing role for other roles, this tab will show you which roles it contributes capabilities to, including any additional nested roles that those roles contribute to.
- Contributing roles tab: shows which other roles, if any, contribute capabilities to the currently selected role, including any further nested contributing roles.
- Capabilities tab: shows which capabilities the selected role provides to its members with information about how the capability is provided (e.g. direct or contributed) together with any contribution paths. The filter bar allows you to search for a specific capability and find out if the selected role provides it.
- ACT protections tab: shows any Access Control Templates (ACTs) that may have been directly applied to the selected role to protect it.
- ACE protections tab: shows any explicit permissions, or Access Control Entries (ACEs), that may have been directly applied to the selected role to protect the role registration.
- External identities tab: displays any external identities, such as Active Directory or LDAP groups, that may have been linked to the SAS role during enterprise directory identity synchronization.
- HTML export: all of the information available in the Role Reviewer can be easily exported in HTML format for documentation, audit and troubleshooting purposes.
- Security Test XML export: export test specifications in Metacoda Security Test XML format for use in the Testing Framework. Regular testing can be scheduled to automatically detect deviations from this baseline and trigger email alerts.
APPLICATIONSSAS Platform Administrators will find the Role Reviewer useful to:
- Investigate the user and groups that are members of a role, and how they get that membership; taking into account implicit, direct, and indirect memberships, including group nesting.
- Examine the capabilities of roles and determine how those capabilities have been specified.
- Find out if there are any roles with no members.
- Easily document the roles within a metadata security plan. Then regularly verify the current implementation against that plan, identifying any changes or concerns.
LICENSING & EVALUATION
The Role Reviewer is available in our Metacoda Security Plug-ins Basic and Enterprise level packages. We offer three license package levels: Starter, Basic and Enterprise. Read our licensing page to find out which package is best for you.
Register today to:
- start using our free Metacoda Utility Plug-ins
- start using our free Metacoda Custom Tasks
- request a free 30 day evaluation license to trial our commercial software, Metacoda Security Plug-ins.
If you have any questions, please contact us.