User roles

Users are assigned to asset groups by an administrator. Predefined user roles cannot be deleted.

About user roles

Note:
  • The Administrator role is assigned to a user when your organization is created at Cloud Marketplace. Administrators can perform tasks in any asset group. Users in all other roles can perform tasks only in the asset groups they can access.
  • The default role for new users is "Tester". A privileged user can change the default role. Changing the default role does not affect existing users.

  • As of September 12, 2017: Users designated Administrator in the HCL User Account Management system (SSM) are no longer necessarily Administrators in ASoC. SSM Administrators are now designated "Inviter" in ASoC, because they can invite other users. An ASoC Administrator who is also an Inviter can assign users to any asset group; a Manager who is also an Inviter can assign users only to asset groups of which they themselves are a member. However, an ASoC Administrator is not necessarily an Inviter. Any ASoC Administrator can update the role of other Administrators, as long as at least one user remains with Administrator status.

Table 1. Custom role capabilities
Capability Administrator Manager Application Manager Tester Report Viewer
Applications
Create/modify apps, Assign apps to asset groups, Enable/disable policies in applications X X X
Reset/delete apps X X X
Asset Group Access
User has limited access to asset groups (access that is granted from Asset Group management page) X X X X
User has complete access to all asset groups X
Create/modify asset group (name and description only) X X
Delete asset groups that this user can access X X
Grant/remove access to asset groups that this user can access X X
Scanning
Create/modify scans X X X X
Delete scans X X X X
Create/modify an AppScan Presence X X X X
Delete an AppScan Presence X X X X
Issue Management
Update issue status X X X X
Policy Management
Create/delete custom policies X X
Associate/disassociate a policy with an application X X X
User Management
Assign user roles X Only in asset groups of which they themselves are a member
Create/modify roles X Only in asset groups of which they themselves are a member
Delete roles X Only in asset groups of which they themselves are a member