Manage Your Multicloud Defense Account

Account (Multicloud Defense Tenant)

The Account information is used by the Administrator to create and edit the following functions.

Navigate to Systems and Accounts > Account > Account.

Understand user roles in Security Cloud Control Firewall Management

Security Cloud Control Firewall Management assigns roles per user and per organization. If a user has access to more than one tenant, that user can have the same user ID but different roles on different organizations. For example, a user can have the `Read-Only` role on one organization and the `Super Admin` role on another.

When the interface or documentation refers to a `Read-Only` user, `Admin` user, or `Super Admin` user, it describes that user's permission level on a specific organization.

Roles in Multicloud Defense

Roles play an important part of what a user is allowed to do when accessing the Multicloud Defense tenant through the Multicloud Defense portal. A role is a privilege that grants the user a set of permissions.

There are three available roles:

  • Super Admin (admin_super) .

  • Edit-only Admin (admin_rw).

  • Read-only Admin (admin_read-only) .

There are two permission definitions:

  • Modify - Read, write, edit, and delete.

  • Read - Read-only.

The permissions for each setting associated with each role are outlined in the following table:

Setting

Super Admin(admin_super)

Edit-Only (admin_rw)

Read-Only (admin_read-only)

Management

Users

Modify

Modify (except Super Admin)

Read

MFA Enable / Disable

Modify

Modify (except Super Admin)

Read

Reset MFA

Modify

Modify (except Super Admin)

Read

API Keys

Modify

Modify

Read

Roles

Read

Read

Read

Account > Application Tags

Modify

Modify

Read

Account > Email Domains

Modify

Read

Read

System

Read

Read

Read

Metering

Read

Read

Read

Alert Profiles

Services

Modify

Modify

Read

Alert

Modify

Modify

Read

Only one (1) user within a Multicloud Defense tenant can be assigned the super admin role. This user is seen as the owner of the account and is synonymous with the owner of an AWS account or a linux root account. All other users should be assigned a read/write admin or read-only admin role.

The super admin role is assigned by Multicloud Defense and is granted to the first user created when the Multicloud Defense tenant is created. If any changes are required to a super admin user, please contact Multicloud Defense Support.