# Creating and using Roles

For a demo example of following steps, here is the policy timestamp: **1675164531.823309003**

## **User roles usage in Policies**

### **An example of creating and using Roles in Policy**

1. Switch to the Roles tab

![Roles Tab](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-005f784fe92be1f1240fa767ed59ebec30ef7870%2F0%20\(2\)%20\(1\).png?alt=media)

2. Create 2 new roles called ‘**Example role 1***’ and* ‘***Example role 2***’

![Add Role button](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-d45ccde84c9bd44f92d3798314564a28fb767b76%2F1%20\(7\).png?alt=media)

![Creating two roles](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-5001885a3534983245d3dcf4cfea255f72901b11%2F2%20\(9\).png?alt=media)

3. In the root container create 4 more ’**interfaceContainerBlock***’* container called ‘**no\_role***’*, ‘**owner***’*, ‘**role\_1***’ and ‘***role\_2***’*

![Creating 4 interfaceContainerBlock](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-5580edecac7b2112f004048eb1e35387bb9a97ed%2F3%20\(7\).png?alt=media)

{% hint style="info" %}
**Note:** By default all containers would have ‘*Any Role’* set and thus they would be visible to all users (with all roles)
{% endhint %}

4. Change the ‘Permissions’ properties in each container in the following way:

* no\_role: No Role
* owner: Owner
* role\_1: Example role 1
* role\_2: Example role 2

![No Role](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-5cbc54b6e9c2d667a751750f6b672fe3a3dbab57%2F4%20\(5\).png?alt=media) ![Owner](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-b9a502aae729a2d007e705351c5911b191645e25%2F5%20\(7\).png?alt=media)

![Example role 1](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-977200cd1e5da298de26aef91c3b38111bc666db%2F6%20\(6\).png?alt=media) ![Example role 2](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-2f389c35082284daaf2d36c7cb9df5c0ab3a8b55%2F7%20\(7\).png?alt=media)

This would result in the following visibility of containers:

* The first container (called ’no role’) would be visible only to new users which have no role assigned to them
* The ‘owner’ container would be visible only to the Standard Registry which created (or imported) this policy
* The ‘role 1’ container would be visible only to users with ‘*Example role 1’*
* The ‘role 2’ container would be visible only to users with ‘*Example role 2’*

5. Add a ‘**policyRolesBlock***’* to the ‘*no\_role’* container and name it ‘*choose\_role’*

![Adding policyRolesBlock](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-cc1e76de4c6755674181034ca73775f5581b58c5%2F8.png?alt=media)

Since this block is located inside the container ‘*no\_role*’ which has ‘*No role*’ permission setting it would only be visible to new users without an assigned role.

6. The ‘**Available Roles***’* property allows to configure which roles would be available to users to chose from at this stage of the Policy workflow

Select ‘**Example role 1***’ and* ‘**Example role 2***’*

![Available Roles property](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-cdb04db6635c54270e8d29aafe9c7d8e1f6f5e2d%2F9%20\(5\).png?alt=media)

7. Add ‘**informationBlock**’ to other containers just to display results

![InformationBlock to other containers](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-abf26a4056612dac1f5fb7c9ea1258e7e3076ec6%2F10%20\(7\).png?alt=media)

### **Results**:

1. New users would end up on the policy choice form upon entering the policy

![Selecting Role](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-613d32dac798540ed5223ea6aef2b89e0c4d5f49%2F11%20\(1\)%20\(2\).png?alt=media)

2. After the selection of the role users would see only 1 container corresponding to their roles

![Showing only 1 container](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-0fb9e7e6916065de411105b22556e81a8ac95163%2F12%20\(1\)%20\(2\).png?alt=media)

3. The owner of the Policy (the Standard Registry user) upon executing the policy would skip the role selection form and would immediately end-up in the corresponding container

![For Standard Registry](https://1556785885-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNYWPEEAknX9Vki1yV5HY%2Fuploads%2Fgit-blob-bfde5004ee8e0076bfcbc7ed00835d856661534b%2F13%20\(1\)%20\(1\)%20\(1\)%20\(1\)%20\(1\)%20\(1\)%20\(1\)%20\(1\)%20\(1\).png?alt=media)