This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Without access to the console that all sounds like it should be working.
Sorry to hear support isn't being of much assistance, do you have a
customer engineer that you can reach out to and see if they can escalate
internally? make sure you follow the...
"The problem is again that once I login with one of this group's users,
I have admin rights in the SOAR and I can see cases that I shouldn't be
able to see."- Does the Role assigned for SIEM only have any additional
roles?Another good thing to check ...
Yea i believe those are required for access, you can grant those
permissions in GCP IAM then use SOAR permission groups to limit access
on the SOAR side:
https://cloud.google.com/chronicle/docs/soar/admin-tasks/permissions/working-with-permission-gro...
Are you using BYOID or GAIA? You may still need to grant SOAR admin and
Chronicle API, the permissions and Roles can be set on the SOAR side so
that they can have limited access to SOAR while still retaining the
access to
SIEM.https://cloud.google.co...
