Velaxe
Establish least-privilege roles with RBAC | AccessGuard

AccessGuard

Establish least-privilege roles with RBAC

Create roles, map capabilities, and assign via users or IdP claims.

View App All Use Cases Open Guide Related Integration
Roles matrix
Capabilities per role

Overview

Create roles, map capabilities, and assign via users or IdP claims.

Problem

Privilege creep and broad admin access increase blast radius during incidents.

Solution

AccessGuard’s RBAC exposes granular capabilities (users, sessions, profiles, configure) and exports for audit.

How it works

Define viewer/analyst/admin/service roles. Use mapping rules for IdP groups, apply two-person control for “iam:configure”, and export the role matrix for review.

Who is this for

Security Engineer Compliance Officer

Expected outcomes

  • Reduced privilege creep
  • Clear separation of duties

Key metrics

Users with admin role

Baseline

22 % of staff

Target

5 % of staff

SoD violations detected

Baseline

9 count

Target

0 count

Gallery

Roles matrix
Capabilities per role

Downloads & templates

RBAC JSON template

Spec

Case studies

HealthCloud tightens admin exposure

Admin footprint reduced 5× with SoD enforcement.

Healthcare Mid-market NA

Security impact

  • Role assignments & capabilities · PII: none

Compliance

  • SOC2 (least privilege)
  • ISO 27001 (Access control)

Availability & next steps

Free Pro Enterprise
Create roles and assign via mapping rules.