On a component service, click its green service arrow, then go to the Properties tab, then select the Security Policy sub-tab. From there, you can see 2 selectable checkboxes: Client Authentication and Confidentiality.

We need to add Authorization to the list of checkboxes.

Support for the Authorization security policy was added to the runtime in SWITCHYARD-1081, and the tooling already supports the ability to define the Roles Allowed and Run As config points in the Security Properties section of the Domain tab.

For details on the runtime implementation, see "The rolesAllowed Attribute" and "The runAs Attribute" sections here:
https://docs.jboss.org/author/display/SWITCHYARD/Security
, as well as "Security Policy" here:
https://docs.jboss.org/author/display/SWITCHYARD/Policy