Roles for Cloud Infrastructure Entitlement Management (CIEM)

Only organization members who have the organization-manager.viewer role or higher for the organization can view access permissions in the Security Deck interface.

To revoke access permissions, users must have one of these roles: admin, resource-manager.admin, organization-manager.admin, resource-manager.clouds.owner, organization-manager.organizations.owner, or the administrator role in the service where they want to revoke the subject’s access to a resource.