
What do these IAM roles do? SOAR permissions seem to be managed by permission groups and roles in the SOAR, so I'm wondering what these do from the GCP IAM side. The one article that mentions them is for SCC, so it's confusing whether I need these or not.

Chronicle SOAR Admin (roles/chronicle.soarAdmin)
Chronicle SOAR Threat Manager (roles/chronicle.soarThreatManager)
Chronicle SOAR Vulnerability Manager (roles/chronicle.soarVulnerabilityManager)

These are roles that are for SOAR users accessing SCC data. Each one has a different use. Different access to menus/capabilities. They are not necessary if you don't have SCC.


A "Google SecOps Chronicle SOAR Threat Manager" is a role within the Google Security Operations platform (formerly known as Chronicle) that primarily focuses on managing and responding to security threats by utilizing the SOAR (Security Orchestration, Automation, and Response) capabilities, allowing them to investigate incidents, prioritize alerts, and automate response actions to mitigate threats effectively.


 




A "Google SecOps Chronicle SOAR Vulnerability Manager" is a role within the Google Security Operations platform (SecOps) that specifically focuses on managing and responding to vulnerabilities identified within the system, utilizing the SOAR (Security Orchestration, Automation, and Response) capabilities to automate remediation actions based on vulnerability scans and threat intelligence. Essentially, this role is responsible for overseeing the vulnerability management process within the SecOps platform, leveraging automation to prioritize and address critical vulnerabilities efficiently.



 








 

