Roles
A user's permission is determined by their role. There are five pre-defined roles: Administrator, Manager, Application Manager, Tester, and Reporting Viewer that cannot be modified or deleted. An administrator assigns users to asset groups. Administrators have the ability to change the default user role to any role (except Administrator), including a custom role. Users who have the permission to manage and invite other users cannot assign them a role that is higher than their own role. For example, a Manager cannot invite a user and assign them an Administrator role. Additionally, a user cannot invite someone to a role that has privileges that the inviting user does not have.
Note: The Administrator role is assigned to a user when your
organization is created at the Cloud Marketplace. The
Administrator can perform tasks in any asset group; all other user roles including
the Manager can perform tasks in only the asset groups to which they have been
assigned. HCL recommends you specify at least one other user as a backup
Administrator.
| Capability | Administrator | Manager | Application Manager | Tester | Report Viewer |
|---|---|---|---|---|---|
| Applications | |||||
| Create/modify apps, Assign apps to asset groups, Enable/disable policies in applications | ✔ | ✔ | ✔ | ||
| Reset/delete applications | ✔ | ✔ | ✔ | ||
| Create/modify webhooks | ✔ | ✔ | |||
| Asset Group Access | |||||
| User has access only to selected asset groups (access that is granted from Asset groups management page) | ✔ | ✔ | ✔ | ✔ | |
| User has access to all asset groups | ✔ | ||||
| Create/modify asset groups (name, description, contact and propagate issue status) that this user can access | ✔ | ✔ | |||
| Delete asset groups that this user can access | ✔ | ✔ | |||
| Grant/remove access to asset groups that this user can access | ✔ | ✔ | |||
| Scanning | |||||
| Create/edit scan configuration | ✔ | ✔ | ✔ | ✔ | |
| Run scan/Rescan | ✔ | ✔ | ✔ | ✔ | |
| Delete scan | ✔ | ✔ | ✔ | ✔ | |
| Create/edit personal scan configuration | ✔ | ✔ | ✔ | ✔ | |
| Run personal scan/Rescan | ✔ | ✔ | ✔ | ✔ | |
| Delete personal scan | ✔ | ✔ | ✔ | ✔ | |
| Promote personal scan | ✔ | ✔ | ✔ | ✔ | |
| Create/modify an AppScan Presence | ✔ | ✔ | ✔ | ✔ | |
| Delete an AppScan Presence | ✔ | ✔ | ✔ | ✔ | |
| Issues | |||||
| Update issue status | ✔ | ✔ | ✔ | ✔ | |
| Update issue severity | ✔ | ✔ | |||
| Policies | |||||
| Create/delete custom policies | ✔ | ✔ | |||
| Associate/disassociate a policy with an application | ✔ | ✔ | ✔ | ||
| Users | |||||
| View Users & Roles | ✔ | ✔ | |||
| Invite/delete user | ✔ | ✔ | |||
| Assign user roles | ✔ | ✔ | |||
| Create/modify roles | ✔ | ✔ | |||
| Delete roles | ✔ | ✔ | |||
| Premium Features | |||||
| Schedule a call with an AppScan expert (Learn more about AppScan for You) | ✔ | ✔ | |||