Security Groups and RBAC
Security groups bundle users for permission assignment through role-based access control (RBAC). Groups can have assigned, dynamic user, or dynamic device membership types. RBAC links users, groups, role assignments, and permissions so administrators only need to move users between groups to update their access rights automatically.