leafleafleafMan illustration
Updated on March 25, 2026
Groups

Generate Permission Matrix

Estimated reading: 4 minutes 18 views

The Generate Permission Matrix feature provides a structured view of permissions assigned across groups, roles, and users. It helps administrators clearly understand how access rights are distributed and which roles or groups are granting specific permissions.

The matrix presents this information in a tabular format, making it easier to analyze relationships between roles and permissions without navigating through multiple screens. This is especially useful when reviewing access control or validating security configurations.

Benefits of Generate Permission Matrix

📊 Clear Visibility of Access Rights
Gives a complete view of who has access to what, all in one place.

🔍 Easy Analysis
Helps quickly identify which roles or groups are responsible for specific permissions.

🛡️ Supports Security Reviews
Useful for validating access and ensuring permissions are aligned with policies.

🧩 Simplifies Complex Structures
Makes it easier to understand permission setups in large or layered group structures.

Saves Time
Reduces the need to manually trace permissions across roles and groups.

How to Generate the Permission Matrix

Step 1: Select the groups for which you want to generate the permission matrix –> Click on Generate Permission Matrix

Step 2: You will get the settings dialog box –> Click OK after defining your settings.

1. Output Location: Select the folder where to generate the matrix: Allows you to choose the destination where the generated permission matrix file will be saved.

2. Access Rights Selection

  • Show Permissions: Includes detailed permissions in the matrix, showing what actions are allowed.
  • Show Roles: Includes roles in the matrix, helping you understand which roles are assigned and how they relate to permissions.

3. Settings

  • Include all application’s data in single sheet: Generates the entire matrix in one sheet, making it easier to get a consolidated view.
  • Include a sheet per application: Creates separate sheets for each application, which helps in organizing data when working with multiple applications.
  • Show only items related to other items: Filters the matrix to display only relevant relationships, removing unused or unrelated entries for better clarity.
  • Show the number of items related to each entity: Displays counts (e.g., number of roles or permissions linked), helping in quick analysis.

4. Select Applications: Allows you to choose which applications to include in the permission matrix. Only the selected applications will be considered when generating the report.

Advanced Setting Tab

This section allows you to further refine what data is included in the permission matrix and how relationships between entities are displayed.

1. Entity Selection

  • Show Users: Includes users in the matrix, allowing you to see how access rights are assigned at the user level.
  • Show Groups: Includes groups in the matrix, helping you understand group-based access and inheritance.
  • Show Roles: Includes roles to provide a complete view of how permissions are structured through RBAC.
  • Show Permission Sets: Displays permission sets, if applicable, giving additional detail on grouped permissions.

2. Include Groups Option: Show Groups (Additional Option): Allows you to include groups alongside the selected access rights from the General tab, giving more context to how permissions are assigned.

3. Dependencies Between Users and Groups

  • Add a matrix showing dependencies between users and groups: Generates an additional matrix that highlights the relationship between users and the groups they belong to.
  • Include this matrix in each application tab: Adds the user-group dependency matrix within each application-specific sheet for easier reference.

4. Select Applications: Allows you to choose which applications to include in the matrix. Only selected applications will be part of the generated output.

Sample Output

You will get an excel output as shown below, you can click on the ” All Applications” or ” User and Groups” row lines or click on the different tabs seen below to get further details.

Sample – Applications

Sample – Users & Groups

When should you use this?

  • During access reviews to validate permissions
  • Before audits to prepare a clear view of access rights
  • When troubleshooting permission-related issues
  • While analyzing role or group configurations
  • Before making changes to understand current access setup

Powered By Visual-Guard