Every Carbon Black Cloud console user is assigned to a role that defines permissions. The role is assigned when you create the new user account; this assignment can be modified at any time.

Carbon Black Cloud includes four Kubernetes-related pre-defined roles that you can assign to users (or you can create custom roles; see Add a Container Role).

  • Kubernetes SecOps View Only
  • Kubernetes SecOps
  • Kubernetes DevOps
  • Kubernetes Security Developer

Kubernetes Security DevOps are responsible for the Kubernetes workload posture. Responsibilities include setting up clusters, scopes, and security policies for Kubernetes workloads. Security DevOps can monitor the health of the Kubernetes environment, investigate workloads and violations, and take appropriate actions.

Role Definitions and Recommendations

The following table describes Carbon Black Cloud permissions and recommendations for user roles for Containers.

Table 1. User Roles/Permissions Matrix - by Role
Role: Kubernetes SecOps View Only

Description: Monitors environment. Cannot take any actions.

Permissions:

  • View Notifications
  • View Kubernetes Security
  • View Images
  • View Workloads

Workflow: N/A

Role: Kubernetes SecOps

Description: Assess and control the workload’s attack surface from build to runtime. Focus on detecting, responding to, and preventing container runtime threats; can quickly detect runtime threats.

This role is appropriate for SOC Analysts.

Permissions:

  • Dismiss Alerts
  • View and Manage Alerts, Notes, and Tags
  • View and Manage Notifications
  • View and Manage API Keys
  • Manage Users
  • View and Manage Kubernetes Security
  • View Images
  • Manage Image Exceptions

Workflow:

  1. Monitor and analyze Containers. See Monitoring and Analyzing Containers.
  2. Take action and remediate security issues. See Investigating and Remediating Container Security Issues.
  3. Triage alerts. See Triaging Kubernetes Alerts.

Role: Kubernetes DevOps

Description: Assess and control the workload’s attack surface from build to runtime. Troubleshooting and remediation of security issues.

Responsible for determining the Kubernetes workload posture. Responsibilities include setting up Kubernetes policies, scopes, and clusters in the Carbon Black Cloud console. Security DevOps can monitor the health of the Kubernetes environment, investigate workloads and violations, and take appropriate actions.

Permissions:

  • Dismiss Alerts
  • View and Manage Notifications
  • View and Manage API Keys
  • Manage Users
  • View and Manage Kubernetes Security
  • View Images
  • Manage Image Exceptions

Workflow:

  1. Set up user roles and manage users. See Roles and Users for Containers.
  2. Add clusters to the console and install Kubernetes Sensors. See Adding Clusters and Installing Kubernetes Sensors.
  3. Configure Containers. See Configuring Container Security.
  4. Monitor and analyze Containers. See Monitoring and Analyzing Containers.
  5. Triage alerts. See Triaging Kubernetes Alerts.
  6. Take action and remediate security issues. See Investigating and Remediating Container Security Issues.

Role: Kubernetes Security Developer

Description: Inspects a single container for security posture and compliance.

Permissions:

  • View and Manage Kubernetes Security
  • View Images
  • Manage Image Exceptions

Workflow:

  1. Monitor and analyze Kubernetes workloads. See Monitoring Kubernetes Workloads.
  2. Triage alerts. See Triaging Kubernetes Alerts.