# Define custom business role mappings, or remove mappings that come with 
# the default SOC deployment.
#
# IMPORTANT: This file should be copied from the salt/default tree into
#            the salt/local tree (preserving the same directory structure).
#            Failure to do this will result in the customizations being
#            overwritten on future upgrades.
#
# Syntax      => prebuiltRoleX: customRoleY: op
# Explanation => roleY and roleZ are adjusted permissions of roleX, op is:
#                + add the new permissions/role mappings (default)
#                - remove existing "explicit" prebuilt permissions. This 
#                  does not work with implictly inherited permissions.
#
# In the example below, we will define two new roles for segregating
# analysts into two regions. Then we will remove the ability for all
# analysts to see the roles of other analysts. (Seperately we will need to
# define these two new roles in Elasticsearch so that each analyst region 
# can only see data from their specific region's indices, but that is out 
# of scope from this file.)
#
# analyst:        westcoast_analyst, eastcoast_analyst
# roles/read:     user-monitor:-