Skip to main content

Access Control Overview

Access control within Lacework is extremely powerful while remaining easy and intuitive to manage. Lacework's approach to access control lets you give more granular access to specific accounts and resources and prevents unwanted access to other accounts and resources.

Role-based access control (RBAC) is control over user groups and access to resources based on a defined role at either an account level or organization level.

Organization Roles

At organization level, Lacework supports two roles: Administrator and User.

The following tabs describe in detail each role and its permissions.

Account Roles

At account level, Lacework supports three roles: Admin, Power user, and Read-only user.

The following tabs describe in detail each role and its permissions.

Service Users

Lacework supports service users to provide programmatic access to the Lacework API without allowing logins to the Lacework Console. Service users have three roles: Admin, Power user, and Read-only user.

The following tabs describe in detail each role and its permissions.

User typeUser groupDescription
Service userAccount adminUsers with the account administrator role have full access to all Lacework API endpoints.