Data role-based access control (data RBAC) is a security model that
restricts user access to data based on the user's roles within an
organization. With data RBAC, administrators can define scopes and assign them
to users to help ensure that users can access only the necessary data for their job
functions.
Data RBAC and feature RBAC are often used together to provide a comprehensive
access control system. The differences are the following:
Feature RBAC controls access to specific features or
functionalities within a system. Feature RBAC determines which features are accessible to
users based on their roles.
Data RBAC controls access to specific data or
information within a system. Data RBAC controls user access to view and
modify data based on their roles.
For example, a user might be allowed to
access a specific feature (feature RBAC) and within that feature, their access
to specific data might be further restricted based on their role (data RBAC).
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-06 UTC."],[[["Data RBAC (role-based access control) restricts user access to data based on their organizational roles, ensuring they can only access data necessary for their job."],["Data RBAC works in conjunction with feature RBAC, where feature RBAC controls access to system functionalities, and data RBAC controls access to specific data within those features."],["Data RBAC allows administrators to define scopes and assign them to users, enabling granular control over data visibility and modification rights."],["Data RBAC is supported in Google SecOps, with resources available to understand, set up, and evaluate its impact on features."]]],[]]
