BalkanID Generated Roles

The BalkanID Generated Roles table is a powerful component of the RBAC Analyzer, providing a comprehensive view of the roles identified by the BalkanID RBAC algorithm. Each role represents a distinct combination of connections and overlapping access patterns, offering valuable insights into the organization's access control landscape.

The BalkanID Generated Roles represent the baseline access privileges that new employees are granted as part of their onboarding process, ensuring they have the necessary permissions to perform their duties from day one.BalkanID classifies the generated roles into four distinct categories:

1. Birthright: If everyone in the company has the same set of access privileges.

2. Department Birthright: If everyone in the department has the same set of access privileges.

3. Job Birthright: If everyone in the department with job title has the same set of access privileges.

4. Functional Birthright: If everyone in the department with job title under a manager has the same set of access privileges.

The BalkanID Generated Roles page offers powerful filtering capabilities, enabling administrators to explore and identify users assigned to specific roles. For instance, an administrator can apply a job title filter to find all BalkanID generated roles assigned to employees with the 'CEO' job title, providing valuable insights into the access privileges granted to executive-level personnel.

Furthermore, administrators can drill down into individual BalkanID generated roles to obtain a detailed list of identities, connections, resources and entitlements associated with that role by clicking on that particular role. This will lead to the BalkanID Generated Role Details Page providing a granular view that facilitates a deeper understanding of the access privileges granted by each role, i.e the list of connections and identities.

The BalkanID Generated Roles page offers export and access review capabilities. With a single click on the download button, you can export the list of generated roles, associated identities, connections, resources and entitlements into a CSV file. The download button becomes active only after selecting specific rows or applying filters, providing flexibility. Additionally, the page includes a "Create Reviews" button, enabling you to initiate ad-hoc access reviews for deeper analysis and validation of the generated roles.

By leveraging the BalkanID Generated Roles page and role details page organizations can gain a comprehensive understanding of their access control landscape.