Role-based processing domains
The Control Room RBAC applies the least privilege principles to domains by implementing Processing Domains, specifying role-based privileges and permissions at the bots and Bot Runners level.
RBAC is applied at a folder level to completely and seamlessly isolate one department bot from the remaining department bots. If the user role does not have access to a set of bots, those bots do not exist, thereby enabling the separation of duties across different domains. For example, finance and accounting roles can access only the bots that automate their respective functions, and specific Bot Runners can execute these bots. This is consistent to best practices as defined by NIST AC-4 Processing Domains.
This permission is further divided into the following sub permissions:
- Only those users who have this permission can run bots from the Control Room to remote Bot Runners.
Authorized users assign various permutation and combinations of these accesses to different sets of users and roles based on the business need.