Security

Delete the roles power and user

reed_kelly
Contributor

I define specific roles for each team. I don't particularly see a use for the Power or User roles. In fact, I find it annoying that "power" is added to app modify rights, by default. Are there any side effects of deleting these two roles to prevent their accidental use?

Tags (1)
0 Karma

sduff_splunk
Splunk Employee
Splunk Employee

In general, most other roles will inherit the permissions and capabilities from the user role (some elevated roles would use power), so I would strongly advise against removing the user and power roles.

reed_kelly
Contributor

I specifically create new base roles to inherit from. For example, I create a base_user with no data access and some basic search capabilities. I also create a base_dev role with additional capabilities for editing dashboards and scheduling searches. My goal is to lock down access to "least required" by each team to meet audit guidelines. I am not seeing any inherited features of user or power in my other roles. Are there any hidden attributes that are inherited from user or power?

0 Karma
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Get Updates on the Splunk Community!

.conf25 Global Broadcast: Don’t Miss a Moment

Hello Splunkers, .conf25 is only a click away.  Not able to make it to .conf25 in person? No worries, you can ...

Observe and Secure All Apps with Splunk

 Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What's New in Splunk Observability - August 2025

What's New We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is ...