default roles

2026-02-11 09:43:35 +01:00 · 2026-02-09 09:29:07 -05:00
parent cf1c3ac38d
commit 5033462098
2 changed files with 6 additions and 0 deletions
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1509,6 +1509,7 @@ soc:
          anonymousCidr:
          apiKey:
        staticrbac:
+          defaultRole: ""
          roleFiles:
            - rbac/permissions
            - rbac/roles
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -455,6 +455,11 @@ soc:
            global: True
            advanced: True
            forcedType: int
+        staticrbac:
+          defaultRole:
+            description: "Default role for new users that have not been assigned a role. When a role is specified, an attempt will be made to permanently assign the role to the user once the user accesses SOC. The role name must match exactly the name of an existing RBAC role. Standard system roles include: limited-auditor, limited-analyst, auditor, analyst, superuser"
+            global: True
+            advanced: False
        strelkaengine:
          aiRepoUrl:
            description: URL to the AI repository. This is used to pull in AI models for use in Strelka rules.