The Enterprise Control Room RBAC applies the least privilege principles to
domains by implementing Processing Domains, specifying role-based privileges, and
permissions at the bots and Bot Runners level.
RBAC is applied at a folder level to completely and seamlessly isolate one department bot from the remaining departments' bots. If the user role
does not have access to a set of bots, those bots do not
exist for that specific user, thereby enabling the separation of duties across different
domains. For example, Finance and Accounting roles can access only the bots that automate Finance and Accounting functions and pecific Bot Runners that can
execute these bots. This is consistent with best practices as defined by
NIST AC-4 Processing
For example, only those users who have the Run my bots permission
can run the bots from the Enterprise Control Room to remote Bot Runners.
Authorized users assign various permutation and combinations of these accesses to
different sets of users and roles based on the business need.