Back to feed
GCP·Google SecOpsdeprecated·
AI Insights

Chronicle.soarAnalyst, chronicle.soarViewer, chronicle.soarEngineer roles in Cloud IAM are being deprecated and will be...

Chronicle.soarAnalyst, chronicle.soarViewer, chronicle.soarEngineer roles in Cloud IAM are being deprecated and will be fully removed in six months. Although these roles were accessible and can historically be assigned to users in Cloud IAM, they were non-operational. SOAR roles were managed through Permission Groups and with its migration to Cloud IAM as part of the SOAR Migration to Google Cloud, the preceding roles are being deprecated.

To maintain seamless access and adhere to the principle of least privilege, transition your SOAR users to the following options:

• Automatically convert your SOAR Permission Groups to custom roles in IAM through self-service migration. • Pre-defined roles: Utilize the enhanced Google SecOps pre-defined roles now available in Cloud IAM. • Custom Roles: Create tailored roles with specific permissions to meet your organization's unique security requirements.

Read original announcement

More from Google SecOps

Chrome Enterprise Premium Integration general availabilityApr 2, 2026Multi-stage queries in YARA-LMar 31, 2026Credential validation for third-party API connectorsMar 25, 2026New parser documentation now availableMar 23, 2026