How to activate Owner-Based RBAC Feature

In this tutorial, you’ll learn how to activate and use Owner-Based RBAC in Ostorlab to implement granular, team-based access control within your organization.

Whether you're managing multiple teams, business units, or product lines, Owner-Based RBAC allows you to control access to assets, scans, and vulnerabilities based on Owner assignments — all while keeping administration simple and scalable.

What You’ll Learn:
- How access works before enabling Owner-Based RBAC
- The limitations of organization-wide roles
- What Owners are and how they function
- How access propagates from Users to Assets, Scans, and Tickets
- The difference between Admin, User, and Reader roles when RBAC is enabled
- How parent-child Owner hierarchies work
- How to activate Owner-Based RBAC in Organization Settings

Access Model Explained:
- Legacy Mode (Disabled):
All users see all organization resources depending on their role.
No team separation.
- Owner-Based RBAC (Enabled):
Access is filtered based on Owner assignments.
Users only see resources belonging to their assigned Owners.
Admins remain unrestricted.
- Access Flow:
User → Owner → Assets → Scans → Tickets
- Owner Hierarchy:
Parent Owners inherit visibility over child Owners.
Child Owners do not see parent or sibling resources.

This workflow is ideal for:
Large enterprises
Multi-team security organizations
DevSecOps teams
Compliance-driven environments
Organizations managing multiple applications or business units

Enable scalable, structured access control without adding operational complexity.

Learn more about Ostorlab:
➡️ https://www.ostorlab.co

Видео How to activate Owner-Based RBAC Feature канала Ostorlab Academy