Login
Contents x
Permissions List
  • 12 Mar 2023
  • 8 Minutes to read
  • Print
  • Dark
    Light
  • PDF
Contents

Permissions List

  • Updated on 12 Mar 2023
  • 8 Minutes to read
  • Print
  • Dark
    Light
  • PDF

Permissions are the building blocks for Axonius Role Based Access Control (RBAC). Each role consists of a collection of permissions for various elements in the system. Each user is assigned to a specific role.
Each role consists of the following categories and each category consists of different set of permissions.
The table below describes the behavior for each category and permission.
Absence of permissions for specific items may mean that elements in the system are not displayed, or disabled, depending on the definitions of that permission.

Global Actions

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
Global ActionsExport to CSV enabledAll pages in the system where CSV Export existsExport CSV buttonDisabled
Global ActionsExport to CSV enabledCharts, ReportsExport options in charts, Download CSV in ReportsHidden


API Access

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
API AccessAPI Access enabledN/AN/AThe user cannot login via the API
API AccessAPI Access enabledUser settings tabAPI Key tabHidden
AP AccessReset API KeyAccount SettingsReset Key buttonHidden


System and User Management

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
System and User ManagementView system settingsAll pagesSystem Settings buttonDisabled
System and User ManagementView system settingsSystem SettingsPageNot accessible
System and User ManagementView system settingsSystem SettingsLifecycle SettingsNot accessible
System and User ManagementView system settingsSystem SettingsGlobal SettingsNot accessible
System and User ManagementView system settingsSystem SettingsGUI SettingsNot accessible
System and User ManagementView system settingsSystem SettingsIdentity Providers SettingsNot accessible
System and User ManagementView system settingsSystem SettingsTunnel SettingsNot accessible
System and User ManagementView user accounts and rolesSystem SettingsIdentity Providers SettingsNot accessible
System and User ManagementView user accounts and rolesSystem SettingsManage Users tabHidden
System and User ManagementView user accounts and rolesSystem SettingsManage Roles tabHidden
System and User ManagementView user accounts and rolesAxonius DashboardEdit dashboard radio button selectionDisabled
System and User ManagementAdd userSystem Settings - Manage Users tabAdd User buttonDisabled
System and User ManagementAdd userSystem Settings - Manage Users tabDrawerDisabled
System and User ManagementEdit usersSystem Settings - Manage Users tabDrawerDisabled
System and User ManagementEdit usersSystem Settings - Manage Users tabAssign role option (Actions menu)Hidden
System and User ManagementDelete userSystem Settings - Manage Users tabDelete user option (Actions menu)Hidden
System and User ManagementDelete userSystem Settings - Manage Users tabDelete user button (from drawer)Hidden
System and User ManagementAdd roleSystem Settings - Manage Roles tabAdd role buttonDisabled
System and User ManagementAdd roleSystem Settings - Manage Roles tabDuplicate role button (from drawer)Hidden
System and User ManagementEdit rolesSystem Settings - Manage Roles tabDrawerDisabled
System and User ManagementEdit rolesSystem SettingsIdentity Providers SettingsDisabled
System and User ManagementUpdate system settingsSystem Settings - all tabsSave buttonsDisabled
System and User ManagementUpdate system settingsSystem Settings - all tabsAll fieldsDisabled
System and User ManagementUpdate system settingsDevicesEdit System ViewHidden
System and User ManagementUpdate system settingsUsersEdit System ViewHidden
System and User ManagementRun manual discovery cycleAll pagesRun Discovery buttonDisabled
System and User ManagementView NotificationsAll PagesNotification iconDisabled
System and User ManagementManage Service AccountsSystem SettingsManage Service AccountsDisabled
System and User ManagementManage admin usersSystem Settings - Manage Users tabUser tableAdmin role hidden
System and User ManagementManage admin usersSystem Settings - Manage Users tabRole Assignment Drop-downAdmin role hidden
System and User ManagementManage admin usersSystem Settings - Manage Roles tabRoles tableAdmin role hidden
System and User ManagementManage admin usersSystem Settings - Identity Providers Settings tabDefault Role for new SAML/LADPAdmin role hidden
System and User ManagementManage admin usersSystem Settings - Identity Providers Settings tabRole Assignment Rules SAML/LADPAdmin role hidden
System and User Management
Manage tunnelsSystem Settings - Manage Tunnels tabManage TunnelsTunnels Tab hidden


Dashboard

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
DashboardView dashboardAll pagesLeft navigation menu - Dashboard iconDisabled
DashboardView dashboardAxonius DashboardPageNot accessible
DashboardView dashboardReport ConfigurationDashboard selectionOption is not available
DashboardDelete chartAxonius DashboardChart menu - DeleteHidden
DashboardAdd chartAxonius DashboardAdd chart (+ card)Hidden
DashboardAdd chartAxonius DashboardChart menu - Move and CopyLimited to Move
DashboardEdit chartsAxonius DashboardChart menu - EditHidden
DashboardEdit chartsAxonius DashboardChart menu - Move and CopyLimited to Copy
DashboardAdd and edit dashboardsAxonius DashboardAdd dashboard (+)Hidden
DashboardAdd and edit dashboardsAxonius DashboardDashboard menu - EditHidden
DashboardDelete dashboardsAxonius DashboardDashboard menu - DeleteHidden
DashboardRefresh dashboardsAxonius DashboardDashboard menu - DeleteHidden
DashboardAdd and edit private
dashboards		Axonius DashboardAdd dashboard (+)Hidden
DashboardAdd and edit for
all data scopes		Axonius DashboardAdd dashboard (+)
Hidden


Device Assets

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
Device AssetsView devicesAll pagesLeft navigation menu - Devices iconDisabled
Device AssetsView devicesDevicesPageNot accessible
Device AssetsView devicesAxonius DashboardSearch barSearch will not apply on device assets
Device AssetsView devicesAxonius DashboardChartsSelecting devices is not available
Device AssetsView devicesAxonius DashboardChart configurationSelecting devices saved queries is not available
Device AssetsView devicesCloud Asset ComplianceShow affected devices buttonDisabled (only for devices)
Device AssetsEdit devicesDevicesBulk selection (checkboxes)Hidden
Device AssetsEdit devicesDevicesActions menuDisabled
Device AssetsEdit devicesDevicesAll actions: link, unlink, delete, tag, custom data...Not accessible
Device AssetsEdit devicesDevice Profile - Tags tabCreate/Edit/Delete tagsDisabled
Device AssetsEdit devicesDevice Profile - Custom dataCreate/Edit/Delete custom dataDisabled
Device AssetsManage notesDevice Profile - Notes tabCreate/Edit/Delete notesDisabled
Device AssetsRun saved queriesQueries Run Query button (drawer)Disabled
Device AssetsRun saved queriesDevicessearch bar - saved queries in the query searchHidden
Device AssetsEdit saved queries Queries Edit button (drawer)Hidden
Device AssetsEdit saved queriesDevicesSave - for saved queriesDisabled
Device AssetsEdit saved queriesDevicesRename saved queryDisabled
Device AssetsDelete saved queryQueries Public query - Delete button (drawer)Hidden
Device AssetsDelete saved queryQueries Delete button (bulk selection)Hidden
Device AssetsDelete saved queryQueries Bulk selection (checkboxes)Hidden
Device AssetsCreate saved queryQueries Private query - Set Public button (drawer)Hidden
Device AssetsCreate saved queryDevicesPrivate query checkbox (Save Query dialog)Disabled (and selected)


User Assets

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
User AssetsView usersAll pagesLeft navigation menu - Users iconDisabled
User AssetsView usersUsersPageNot accessible
User AssetsView usersAxonius DashboardSearch barSearch will not apply on user assets
User AssetsView usersAxonius DashboardChartsSelecting users is not available
User AssetsView usersAxonius DashboardChart configurationSelecting users saved queries is not available
User AssetsView usersCloud Asset ComplianceShow affected users buttonDisabled (only for users)
User AssetsEdit usersUsersBulk selection (checkboxes)Hidden
User AssetsEdit usersUsersActions menuDisabled
User AssetsEdit usersUsersAll actions: link, unlink, delete, tag, custom data...Not accessible
User AssetsEdit usersUser Profile - Tags tabCreate/Edit/Delete tagsDisabled
User AssetsEdit usersUser Profile - Custom dataCreate/Edit/Delete custom dataDisabled
User AssetsManage notesUser Profile - Notes tabCreate/Edit/Delete notesDisabled
User AssetsRun saved queriesSaved QueriesRun Query button (drawer)Disabled
User AssetsRun saved queriesUserssearch bar - saved queries in the query searchHidden
User AssetsEdit saved queriesQueriesEdit button (drawer)Hidden
User AssetsEdit saved queriesUsersSave - for saved queriesDisabled
User AssetsEdit saved queriesUsersRename saved queryDisabled
User AssetsDelete saved queryQueriesDelete button (drawer)Hidden
User AssetsDelete saved queryQueriesDelete button (bulk selection)Hidden
User AssetsDelete saved queryQueriesBulk selection (checkboxes)Hidden
User AssetsCreate saved queryQueriesPrivate query - Set Public button (drawer)Hidden
User AssetsCreate saved queryUsersPrivate query checkbox (Save Query dialog)Disabled (and selected)


Vulnerability Assets

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
Vulnerability AssetsView vulnerabilities All pagesLeft navigation menu - Devices iconDisabled
Vulnerability AssetsView vulnerabilities VulnerabilitiesPageNot accessible
Vulnerability AssetsEdit vulnerabilities VulnerabilitiesBulk selection (checkboxes)Hidden
Vulnerability AssetsRun saved queriesQueries Run Query button (drawer)Disabled
Vulnerability AssetsRun saved queriesVulnerabilitiessearch bar - saved queries in the query searchHidden
Vulnerability AssetsEdit saved queries Queries Edit button (drawer)Hidden
Vulnerability AssetsEdit saved queriesVulnerabilitiesSave - for saved queriesDisabled
Vulnerability AssetsEdit saved queriesVulnerabilitiesRename saved queryDisabled
Vulnerability AssetsDelete saved queryQueries Public query - Delete button (drawer)Hidden
Vulnerability AssetsDelete saved queryQueries Delete button (bulk selection)Hidden
Vulnerability AssetsDelete saved queryQueries Bulk selection (checkboxes)Hidden
Vulnerability AssetsCreate saved queryQueries Private query - Set Public button (drawer)Hidden
Vulnerability AssetsCreate saved queryDevicesPrivate query checkbox (Save Query dialog)Disabled (and selected)


Queries

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
QueriesManage query foldersQueriesQuery foldersDisabled
QueriesView query history of all usersQuery HistoryPageNot accessible

Reports

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
ReportsView reportsAll pagesLeft navigation menu - Reports iconDisabled
ReportsView reportsReportsPageNot accessible (unless Use private reports is enabled)
ReportsAdd reportReportsAdd report buttonDisabled (unless Use private reports is enabled)
ReportsEdit reportsReport ConfigurationAll input fieldsDisabled (unless Use private reports is enabled)
ReportsDelete reportReportsBulk selection (checkboxes)Hidden (unless Use private reports is enabled)
ReportsDelete reportReportsDelete button (bulk selection)Hidden (unless Use private reports is enabled)
ReportsUse private reportsReport ConfigurationPrivate report checkboxDisabled
ReportsDeactivate ReportsReport ConfigurationToggle buttonDisabled


Instances

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
InstancesView instancesAll pagesLeft navigation menu - Instances iconDisabled
InstancesView instancesInstancesPageNot accessible
InstancesEdit instanceInstancesAll input fieldsDisabled
InstancesEdit instanceInstancesBulk selection (checkboxes)Hidden
InstancesEdit instanceInstancesDeactivate / Reactivate buttonsHidden
InstancesRestart and Shut down instanceInstancesReboot / Shut down buttonsHidden


Adapters

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
AdaptersView adaptersAll pagesLeft navigation menu - Adapters iconDisabled
AdaptersView adaptersAll pagesPageNot accessible
AdaptersAdd connectionAdapterAdd connectionDisabled
AdaptersEdit connectionsAdapterEdit connections - open connection modalDisabled
AdaptersEdit adapter advanced settingsAdapterAdvanced Settings buttonDisabled
AdaptersEdit adapter advanced settingsAdapters - Action menuOverride Advanced Settings Values optionDisabled
AdaptersDelete connectionAdapterBulk selection (checkboxes)Hidden
AdaptersDelete connectionAdapterDelete button (bulk selection)Hidden
AdaptersTerminate connectionAdapter Fetch HistoryBulk selection (checkboxes)Hidden
AdaptersTerminate connectionAdapter Fetch History - Action menuTerminate connectionHidden
AdaptersRun saved queries
Queries
Run Query button (drawer)
Disabled
Adapters
Create saved query
Queries
Duplicate button (drawer)Hidden
Adapters
Edit saved queries
QueriesTag button (bulk selection)
Hidden
Adapters
Edit saved queriesQueries
Edit button (drawer)
Hidden
Adapters
Edit saved queries
Adapters Fetch History
Save - for saved queries
Disabled
Adapters
Edit saved queries
Adapters Fetch History
Update query details
Disabled
Adapters
Delete saved query
Queries
Public query - Delete button (drawer)
Hidden
Adapters
Delete saved query
Queries
Public query - Delete button (drawer)
Hidden


Activity Logs

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
Activity logsView activity logsAll pagesLeft navigation menu - Activity logs iconDisabled
Activity logsView activity logsActivity logsPageNot accessible
Activity logsRun saved queriesQueriesRun Query button (drawer)Disabled
Activity logsEdit saved queriesQueries Edit button (drawer)Hidden
Activity logsEdit saved queriesActivity logsSave - for saved queriesDisabled
Activity logsEdit saved queriesActivity logsRename saved queryDisabled
Activity logsDelete saved queryQueries Public query - Delete button (drawer)Hidden
Activity logsDelete saved queryQueries Delete button (bulk selection)Hidden
Activity logsDelete saved queryQueries Bulk selection (checkboxes)Hidden
Activity logsCreate saved queryActivity logsPrivate query - Set Public button (drawer)Hidden
Activity logsCreate saved queryActivity logsPrivate query checkbox (Save Query dialog)Disabled (and selected)

Enforcement Center

Note:

In order to add an Enforcement Action the role needs to have both Edit Enforcements and Add Enforcements permissions.  

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
Enforcement CenterView Enforcement CenterAll pagesLeft navigation menu - EC iconDisabled
Enforcement CenterView Enforcement CenterEnforcement CenterPageNot accessible
Enforcement CenterView Enforcement CenterDevice/User Profile - EC Tasks tabLink to taskRemove link
Enforcement CenterView Enforcement Center  Queries (Devices)Enforce button (drawer)Hidden
Enforcement CenterView Enforcement Center Queries (Users)Enforce button (drawer)Hidden
Enforcement CenterEdit EnforcementsEnforcement SetAll input fieldsDisabled
Enforcement CenterEdit EnforcementsEnforcement SetEdit button (drawer)Hidden
Enforcement CenterEdit EnforcementsEnforcement SetDelete button (drawer)Hidden
Enforcement CenterEdit EnforcementsEnforcement CenterAdd Enforcement buttonDisabled
Enforcement CenterEdit Enforcements  Queries (Devices)Enforce button (drawer)Hidden
Enforcement CenterEdit Enforcements Queries (Users)Enforce button (drawer)Hidden
Enforcement CenterAdd EnforcementEnforcement CenterAdd Enforcement buttonDisabled
Enforcement CenterAdd Enforcement Queries (Devices)Enforce button (drawer)Hidden
Enforcement CenterAdd Enforcement Queries (Users)Enforce button (drawer)Hidden
Enforcement CenterAdd EnforcementCloud Asset ComplianceEnforce menuDisabled
Enforcement CenterAdd EnforcementDevices - Actions menuCreate New Enforcement optionDisabled
Enforcement CenterAdd EnforcementUsers - Actions menuCreate New Enforcement optionDisabled
Enforcement CenterView Enforcement TasksEnforcement CenterView Tasks buttonDisabled
Enforcement CenterView Enforcement TasksEnforcement SetView Tasks buttonDisabled
Enforcement CenterView Enforcement TasksDevice/User Profile - EC Tasks tabLink to taskRemove link
Enforcement CenterView Enforcement TasksEnforce dialogLink to taskRemove link
Enforcement CenterDelete EnforcementEnforcement CenterBulk selection (checkboxes)Hidden
Enforcement CenterDelete EnforcementEnforcement CenterDelete button - Actions Menu (bulk selection)Hidden
Enforcement CenterDelete EnforcementEnforcement Set - Combo buttonDelete optionHidden
Enforcement CenterRun EnforcementDevices - Actions menuRun Existing Enforcement optionDisabled
Enforcement CenterRun EnforcementUsers - Actions menuRun Existing Enforcement optionDisabled
Enforcement CenterRun EnforcementRun button - bulk selectionRun Existing Enforcement optionHidden
Enforcement CenterTerminate Enforcement TasksEnforcement Center - Enforcement Tasks TableBulk Selection (checkboxes)Hidden
Enforcement CenterTerminate EnforcementEnforcement Center - Actions menuTerminate Enforcement TasksHidden
Enforcement CenterDuplicate EnforcementEnforcement Center - Actions menuDuplicate optionHidden
Enforcement CenterDuplicate EnforcementEnforcement Set - Combo buttonDuplicate optionHidden


Cloud Asset Compliance

Category
PermissionUI PageUI ComponentBehavior (when permission is disabled)
Cloud Asset ComplianceView Cloud Asset ComplianceAll pagesLeft navigation menu - Cloud iconDisabled
Cloud Asset ComplianceView Cloud Asset ComplianceCloud Asset CompliancePageNot accessible
Cloud Asset ComplianceUpdate Benchmark settingsBenchmark ScoreScore menuHidden
Cloud Asset ComplianceManage Exclusions and CommentsCloud Asset ComplianceAdd exclusion/comment button in Comments section (drawer)Hidden
Cloud Asset ComplianceManage Exclusions and CommentsCloud Asset ComplianceDelete exclusion/comment button in Comments section (drawer)Hidden
Cloud Asset ComplianceManage Exclusions and CommentsCloud Asset ComplianceEdit exclusion/comment button in Comments section (drawer)Hidden


Ingestion Rules

CategoryPermissionUI PageUI ComponentBehavior (when permission is disabled)
Ingestion RulesView Ingestion RulesAdapter Advanced SettingsAdapter Advanced Settings
Hidden
Ingestion Rules
Update Ingestion RulesAdapter Advanced Settings
Adapter Advanced Settings
Hidden




What's Next
Change password!
Changing your password will log you out immediately. Use the new password to log back in.
Change profile
Success!
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
Logout