Google Security Operations lets you create different sets of user groups and
assign them different levels of permission to different modules.
There are seven predefined sets of permission groups:
Readers
Admins
Basic
View-Only
Collaborators
Managed User
Managed-Plus User
The built-in administrator group automatically has edit access to all environments,
meaning its members can view data from every environment in the system.
When creating a new permission group, carefully consider whether to grant edit
access to all environments.
Edit a permission group
To edit an existing permission group:
Go to to Settings>Organizations>Permissions.
Select the permission group you want.
Each module appears with a toggle to allow or deny a user access.
If the toggle is off, the module doesn't appear. If the
toggle is on, configure permissions for each feature you want the user to have.
When finished, click Save.
Add a new permission group
To add a new Permission Group:
Go to Settings>Organizations>Permissions.
Click Add Permission Group.
Complete the following areas on the screen:
Your cursor is automatically placed next to the title of New
Group. Delete the words New Group and enter your own name for the new
Group. For example, Tier One.
From the list, select the License Type you want.
Select the Landing Page that you want this User Group to be directed to when they first sign in.
Select the permissions you want for each module.
When finished, click Save; the new permission group is added to the list. Note that at any time, you
can make changes and click Save again. To simplify editing, click
content_copy
Duplicate to create a copy of the permission group.
Restrict Actions
You can apply Restrict Actions to a permission group to prevent access to certain types
of actions. For example, as a Managed Security Service Provider (MSSP), you might
have separate SOC Manager groups for separate environments.
Click the permission group you want.
In the Restrict Actions section, click addAdd, and select the actions to restrict for this permission group.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eGoogle Security Operations enables the creation of user groups with varying permission levels for different modules.\u003c/p\u003e\n"],["\u003cp\u003eThere are seven predefined permission groups, including Readers, Admins, and Collaborators, each with specific access rights.\u003c/p\u003e\n"],["\u003cp\u003eExisting permission groups can be edited by toggling feature access on or off and adjusting specific permissions for each feature, then saving the changes.\u003c/p\u003e\n"],["\u003cp\u003eNew permission groups can be created by navigating to the Permissions section, adding a new group, defining its user type and landing page, and configuring module permissions before saving.\u003c/p\u003e\n"],["\u003cp\u003eRestrictions can be implemented to prevent specific permission groups from performing certain actions, enhancing security control.\u003c/p\u003e\n"]]],[],null,["# Work with permission groups\n===========================\n\nSupported in: \nGoogle secops [SOAR](/chronicle/docs/secops/google-secops-soar-toc)\n**Note:** If you have migrated to Google Cloud, this page is replaced by IAM permissions. For more information, see [Migrate to Google Cloud](/chronicle/docs/soar/admin-tasks/advanced/migrate-to-gcp). \nGoogle Security Operations lets you create different sets of user groups and\nassign them different levels of permission to different modules. \n\nThere are seven predefined sets of permission groups:\n\n- Readers\n- Admins\n- Basic\n- View-Only\n- Collaborators\n- Managed User\n- Managed-Plus User\n\nThe built-in administrator group automatically has edit access to all environments,\nmeaning its members can view data from every environment in the system.\nWhen creating a new permission group, carefully consider whether to grant edit\naccess to all environments.\n\n### Edit a permission group\n\nTo edit an existing permission group:\n\n1. Go to to **Settings** \\\u003e **Organizations** \\\u003e **Permissions**.\n2. Select the permission group you want.\n3. Each module appears with a toggle to allow or deny a user access. If the toggle is off, the module doesn't appear. If the toggle is on, configure permissions for each feature you want the user to have.\n4. When finished, click **Save**.\n\n### Add a new permission group\n\nTo add a new Permission Group:\n\n1. Go to **Settings** \\\u003e **Organizations** \\\u003e **Permissions**.\n2. Click **Add Permission Group**.\n3. Complete the following areas on the screen:\n 1. Your cursor is automatically placed next to the title of New Group. Delete the words New Group and enter your own name for the new Group. For example, Tier One.\n 2. From the list, select the License Type you want. \n 3. Select the Landing Page that you want this User Group to be directed to when they first sign in.\n 4. Select the permissions you want for each module.\n4. When finished, click **Save** ; the new permission group is added to the list. Note that at any time, you can make changes and click **Save** again. To simplify editing, click content_copy **Duplicate** to create a copy of the permission group. \n\nRestrict Actions\n----------------\n\nYou can apply Restrict Actions to a permission group to prevent access to certain types\nof actions. For example, as a Managed Security Service Provider (MSSP), you might\nhave separate SOC Manager groups for separate environments.\n\n1. Click the permission group you want.\n2. In the **Restrict Actions** section, click add **Add**, and select the actions to restrict for this permission group.\n3. Click **Add** and then click **Save** . \n\nFor more information on permission groups, see [Control access to the platform](/chronicle/docs/soar/admin-tasks/\nadvanced/control-access-to-platform).\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
