In VaultOne, you can configure default permissions that are automatically applied to new resources of a specific type (e.g., new computers, websites, or credentials) when they are created. By default, every new resource is set up with "Manage" permission for two key users: the resource creator and the master admin. This crucial default ensures that resources don't become "orphaned" and inaccessible if the original creator's account is ever removed.
Customize the default permissions to suit your organization's needs by following the below steps.
Access Default Permissions Settings
- Go to Administration > Settings.
- Select the Default Permissions tab.
Configure Permissions for Each Resource Type
Set permissions for various resource types:
- Select a specific Resource Type - choose "Websites," "Computers," "Remote Devices," or "Databases" from the available options.
- Add Users or Groups:
- Add individual users - click the option to add users and search for the specific individuals you want to grant default access
- Add groups - click the option to add groups and select the desired groups. All members of these groups will automatically inherit the specified permissions for new resources of this type
- Define Permissions - for each user or group you add, specify the level of permission they should have by default (e.g., "Manage," "View," "Connect"). This applies to non-private resources of that type.
- Repeat for all relevant Resource Types - go through steps 1-3 for each resource type where you want to establish specific default permissions.
- When finished, click Save all.
Note: VaultOne's default setup (creator and master admin having "Manage" permission) is crucial for preventing resources from becoming inaccessible. If you modify these default users or groups and allow them to be deleted or removed, ensure that another user or group with "Manage" permission is designated to maintain access to the resource.