Login
    Contents x
    Permissions List
    • 15 Apr 2024
    • 9 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Permissions List

    • Updated on 15 Apr 2024
    • 9 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Permissions are the building blocks for Axonius Role Based Access Control (RBAC). Each role consists of a collection of permissions for various elements in the system. Each user is assigned to a specific role.
    Each role consists of the following categories and each category consists of different set of permissions.
    The table below describes the behavior for each category and permission.
    Absence of permissions for specific items may mean that elements in the system are not displayed, or disabled, depending on the definitions of that permission.

    Global Actions

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Save data analyticsData AnalyticsData Analytics page, ReportsHidden


    API Access

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    API Access enabledN/AN/AThe user cannot login via the API
    API Access enabledUser settings tabAPI Key tabHidden
    Reset API KeyAccount SettingsReset Key buttonHidden


    Asset Investigation

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    View Asset InvestigationDevices/Users Button Hidden
    Delete saved queryQueries Public query - Delete button (drawer) Hidden
    Create saved queryAsset Investigation Save Query dialog Disabled
    Edit saved queriesQueriesEdit button (drawer)
    		Hidden
    Run saved queriesAsset Investigation/Queries
    		Run Query button (drawer)
    		Disabled

    System and User Management

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Export to CSV
    		System Settings
    		Export CSV button
    		Disabled
    View system settingsAll pagesSystem Settings buttonDisabled
    View system settingsSystem SettingsPageNot accessible
    View system settingsSystem SettingsLifecycle SettingsNot accessible
    View system settingsSystem SettingsGlobal SettingsNot accessible
    View system settingsSystem SettingsGUI SettingsNot accessible
    View system settingsSystem SettingsIdentity Providers SettingsNot accessible
    View system settingsSystem SettingsTunnel SettingsNot accessible
    View user accounts and rolesSystem SettingsIdentity Providers SettingsNot accessible
    View user accounts and rolesSystem SettingsManage Users tabHidden
    View user accounts and rolesSystem SettingsManage Roles tabHidden
    View user accounts and rolesAxonius DashboardEdit dashboard radio button selectionDisabled
    Add userSystem Settings - Manage Users tabAdd User buttonDisabled
    Add userSystem Settings - Manage Users tabDrawerDisabled
    Edit usersSystem Settings - Manage Users tabDrawerDisabled
    Edit usersSystem Settings - Manage Users tabAssign role option (Actions menu)Hidden
    Delete userSystem Settings - Manage Users tabDelete user option (Actions menu)Hidden
    Delete userSystem Settings - Manage Users tabDelete user button (from drawer)Hidden
    Add roleSystem Settings - Manage Roles tabAdd role buttonDisabled
    Add roleSystem Settings - Manage Roles tabDuplicate role button (from drawer)Hidden
    Edit rolesSystem Settings - Manage Roles tabDrawerDisabled
    Edit rolesSystem SettingsIdentity Providers SettingsDisabled
    Update system settingsSystem Settings - all tabsSave buttonsDisabled
    Update system settingsSystem Settings - all tabsAll fieldsDisabled
    Update system settingsDevicesEdit System ViewHidden
    Update system settingsUsersEdit System ViewHidden
    Run manual discovery cycleAll pagesRun Discovery buttonDisabled
    View NotificationsAll PagesNotification iconDisabled
    Manage Service AccountsSystem SettingsManage Service AccountsDisabled
    Manage admin usersSystem Settings - Manage Users tabUser tableAdmin role hidden
    Manage admin usersSystem Settings - Manage Users tabRole Assignment Drop-downAdmin role hidden
    Manage admin usersSystem Settings - Manage Roles tabRoles tableAdmin role hidden
    Manage admin usersSystem Settings - Identity Providers Settings tabDefault Role for new SAML/LADPAdmin role hidden
    Manage admin usersSystem Settings - Identity Providers Settings tabRole Assignment Rules SAML/LADPAdmin role hidden
    Manage gatewaysSystem Settings - Gateways GatewaysGateways  hidden


    Dashboard

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    View dashboardAll pagesLeft navigation menu - Dashboard iconDisabled
    View dashboardAxonius DashboardPageNot accessible
    View dashboardReport ConfigurationDashboard selectionOption is not available
    Delete chartAxonius DashboardChart menu - DeleteHidden
    Add chartAxonius DashboardAdd chart (+ card)Hidden
    Add chartAxonius DashboardChart menu - Move and CopyLimited to Move
    Edit chartsAxonius DashboardChart menu - EditHidden
    Edit chartsAxonius DashboardChart menu - Move and CopyLimited to Copy
    Export to CSV
    		Axonius Dashboard
    		Export options in charts
    		Disabled
    Add and editdashboardsAxonius DashboardAdddashboard (+)Hidden
    Add and editdashboardsAxonius DashboardDashboard menu - EditHidden
    DeletedashboardsAxonius Dashboard Dashboard menu - DeleteHidden
    RefreshdashboardsAxonius Dashboard Dashboard menu - DeleteHidden
    Add and edit private
    dashboards    		Axonius DashboardAdddashboard (+)Hidden
    Add and edit for
    all data scopes    		Axonius DashboardAdddashboard (+)
    		Hidden


    Device Assets

    Note
    Permissions are configured separately for each asset type in Axonius. The permissions available for assets are similar to those detailed below for Device and User assets.
    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Edit devices relationships
    		Asset Graph
    		Graph
    		Disabled (edit relationships)
    Export to CSV
    		All Device pages with a CSV Export option
    		Export CSV button
    		Disabled
    View devicesAll pagesLeft navigation menu - Devices iconDisabled
    View devicesDevicesPageNot accessible
    View devicesAxonius DashboardSearch barSearch will not apply on device assets
    View devicesAxonius DashboardChartsSelecting devices is not available
    View devicesAxonius DashboardChart configurationSelecting devices saved queries is not available
    View devicesCloud Asset ComplianceShow affected devices buttonDisabled (only for devices)
    Create, delete, and linkDevices
    		Bulk selection (checkboxes)
    		Hidden
    Create, delete, and link
    		Devices
    		Actions menu
    		Disabled
    Create, delete, and link
    		Devices
    		All actions: link, unlink, delete...
    		Not accessible
    Edit tags and custom dataDevicesBulk selection (checkboxes)Hidden
    Edit tags and custom data
    		DevicesActions menuDisabled
    Edit tags and custom data
    		DevicesAll actions: tag and custom dataNot accessible
    Edit tags and custom data
    		Device Profile - Tags tabCreate/Edit/Delete tagsDisabled
    Edit tags and custom data
    		Device Profile - Custom dataCreate/Edit/Delete custom dataDisabled
    Manage notesDevice Profile - Notes tabCreate/Edit/Delete notesDisabled
    Run saved queriesQueries Run Query button (drawer)Disabled
    Run saved queriesDevicessearch bar - saved queries in the query searchHidden
    Edit saved queries Queries Edit button (drawer)Hidden
    Edit saved queriesDevicesSave - for saved queriesDisabled
    Edit saved queriesDevicesRename saved queryDisabled
    Delete saved queryQueries Public query - Delete button (drawer)Hidden
    Delete saved queryQueries Delete button (bulk selection)Hidden
    Delete saved queryQueries Bulk selection (checkboxes)Hidden
    Create saved queryQueries Private query - Set Public button (drawer)Hidden
    Create saved queryDevicesPrivate query checkbox (Save Query dialog)Disabled (and selected)


    User Assets

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Edit users relationships
    		Asset Graph
    		Graph
    		Disabled (edit relationships)
    Export to CSV
    		Device pages with a CSV Export option
    		Export CSV button
    		Disabled
    View usersAll pagesLeft navigation menu - Users iconDisabled
    View usersUsersPageNot accessible
    View usersAxonius DashboardSearch barSearch will not apply on user assets
    View usersAxonius DashboardChartsSelecting users is not available
    View usersAxonius DashboardChart configurationSelecting users saved queries is not available
    View usersCloud Asset ComplianceShow affected users buttonDisabled (only for users)
    Create, delete, and link
    		Users
    		Bulk selection (checkboxes)
    		Hidden
    Create, delete, and link
    		Users
    		Actions menu
    		Disabled
    Create, delete, and linkUsers
    		All actions: link, unlink, delete...
    		Not accessible
    Edit tags and custom data
    		Users
    		Bulk selection (checkboxes)
    		Hidden
    Edit tags and custom dataUsers
    		Actions menu
    		Disabled
    Edit tags and custom data
    		Users
    		All actions: tag and custom data
    		Disabled
    Edit tags and custom data
    		Users Profile - Tags
    		Create/Edit/Delete tags
    		Disabled
    Edit tags and custom data
    		Users Profile - Custom data
    		Create/Edit/Delete custom data
    		Disabled
    Manage notesUser Profile - Notes tabCreate/Edit/Delete notesDisabled
    Run saved queriesSaved QueriesRun Query button (drawer)Disabled
    Run saved queriesUserssearch bar - saved queries in the query searchHidden
    Edit saved queriesQueriesEdit button (drawer)Hidden
    Edit saved queriesUsersSave - for saved queriesDisabled
    Edit saved queriesUsersRename saved queryDisabled
    Delete saved queryQueriesDelete button (drawer)Hidden
    Delete saved queryQueriesDelete button (bulk selection)Hidden
    Delete saved queryQueriesBulk selection (checkboxes)Hidden
    Create saved queryQueriesPrivate query - Set Public button (drawer)Hidden
    Create saved queryUsersPrivate query checkbox (Save Query dialog)Disabled (and selected)


    Vulnerability Assets

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Edit software relationships
    		Asset Graph
    		Graph
    		Disabled (edit relationships)
    Export to CSV
    		Vulnerability pages with a CSV Export option
    		Export CSV button
    		Disabled
    View vulnerabilities All pagesLeft navigation menu - Vulnerabilities iconDisabled
    View vulnerabilities VulnerabilitiesPageNot accessible
    Create, delete, and link
    		Vulnerabilities
    		Bulk selection (checkboxes)
    		Hidden
    Create, delete, and link
    		Vulnerabilities
    		Actions menu
    		Disabled
    Create, delete, and link
    		Vulnerabilities
    		All actions: link, unlink, delete...
    		Not accessible
    Edit tags and custom data
    		Vulnerabilities
    		Bulk selection (checkboxes)
    		Hidden
    Edit tags and custom data
    		Vulnerabilities
    		Actions menu
    		Disabled
    Edit tags and custom data
    		VulnerabilitiesAll actions: tag and custom data
    		Disabled
    Edit tags and custom data
    		Vulnerabilities Profile - Tags tab Profile - Custom data 
    		Create/Edit/Delete tags
    		Disabled
    Edit tags and custom data
    		Vulnerabilities
    		Create/Edit/Delete custom data
    		Disabled
    Run saved queriesQueries Run Query button (drawer)Disabled
    Run saved queriesVulnerabilitiessearch bar - saved queries in the query searchHidden
    Edit saved queries Queries Edit button (drawer)Hidden
    Edit saved queriesVulnerabilitiesSave - for saved queriesDisabled
    Edit saved queriesVulnerabilitiesRename saved queryDisabled
    Delete saved queryQueries Public query - Delete button (drawer)Hidden
    Delete saved queryQueries Delete button (bulk selection)Hidden
    Delete saved queryQueries Bulk selection (checkboxes)Hidden
    Create saved queryQueries Private query - Set Public button (drawer)Hidden
    Create saved queryVulnerabilities
    		Private query checkbox (Save Query dialog)Disabled (and selected)

    Software  Assets

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Edit software relationshipsAsset GraphGraphDisabled (edit relationships)
    Export to CSV
    		Software pages with a CSV Export option
    		Export CSV button
    		Disabled
    View softwareAll pagesLeft navigation menu - Devices iconDisabled
    View softwareSoftwarePageNot accessible
    Create, delete, and link
    		Software
    		Bulk selection (checkboxes)
    		Hidden
    Create, delete, and link
    		Software
    		Actions menu
    		Disabled
    Create, delete, and link
    		Software
    		All actions: link, unlink, delete...
    		Not accessible
    Edit tags and custom data
    		Software
    		Bulk selection (checkboxes)
    		Hidden
    Edit tags and custom data
    		Software
    		Actions menu
    		Disabled
    Edit tags and custom data
    		Software
    		All actions: tag and custom data
    		Not accessible
    Edit tags and custom data
    		Software Profile - Tags tab
    		Create/Edit/Delete tags
    		Disabled
    Edit tags and custom data
    		Software Profile - Custom tab
    		Create/Edit/Delete custom data
    		Disabled
    Edit softwareSoftware Profile - Custom dataBulk selection (checkboxes)Hidden
    Run saved queriesQueries Run Query button (drawer)Disabled
    Run saved queriesSoftwaresearch bar - saved queries in the query searchHidden
    Edit saved queriesQueries Edit button (drawer)Hidden
    Edit saved queriesSoftware
    		Save - for saved queriesDisabled
    Manage Software approval listSoftwareButtonHidden
    Manage Software approval list
    		Software approval list
    		PageHidden
    Edit saved queriesSoftware
    		Rename saved queryDisabled
    Delete saved queryQueries Public query - Delete button (drawer)Hidden
    Delete saved queryQueries Delete button (bulk selection)Hidden
    Delete saved queryQueries Bulk selection (checkboxes)Hidden
    Create saved queryQueries Private query - Set Public button (drawer)Hidden
    Create saved querySoftware
    		Private query checkbox (Save Query dialog)Disabled (and selected)

    Queries

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Manage query foldersQueriesQuery foldersDisabled
    View query history of all usersQuery HistoryPageNot accessible
    Export to CSV
    		Data Analytics
    		Data Analytics page, Reports
    		Disabled

    Reports

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    View reportsAll pagesLeft navigation menu - Reports iconDisabled
    View reportsReportsPageNot accessible (unless Use private reports is enabled)
    Export to CSV
    		Reports
    		Download CSV in Reports
    		Disabled
    Add reportReportsAdd report buttonDisabled (unless Use private reports is enabled)
    Edit reportsReport ConfigurationAll input fieldsDisabled (unless Use private reports is enabled)
    Delete reportReportsBulk selection (checkboxes)Hidden (unless Use private reports is enabled)
    Delete reportReportsDelete button (bulk selection)Hidden (unless Use private reports is enabled)
    Use private reportsReport ConfigurationPrivate report checkboxDisabled
    Deactivate ReportsReport ConfigurationToggle buttonDisabled


    Manage Nodes

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    View Compute NodesAll pagesLeft navigation menu - Instances iconDisabled
    View Compute Nodes Manage NodesPageNot accessible
    Edit Compute Nodes Manage Nodes
    		All input fieldsDisabled
    Edit Compute Nodes Manage Nodes
    		Bulk selection (checkboxes)Hidden
    Edit Compute Nodes Manage Nodes
    		Deactivate / Reactivate buttonsHidden


    Adapters

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Export to CSV enabled
    		All pages in the system where CSV Export exists

    		Export CSV button
    		Disabled
    View adaptersAll pagesLeft navigation menu - Adapters iconDisabled
    View adaptersAll pagesPageNot accessible
    Add connectionAdapterAdd connectionDisabled
    Edit connectionsAdapterEdit connections - open connection modalDisabled
    Edit adapter advanced settingsAdapterAdvanced Settings buttonDisabled
    Edit adapter advanced settingsAdapters - Action menuOverride Advanced Settings Values optionDisabled
    Delete connectionAdapterBulk selection (checkboxes)Hidden
    Delete connectionAdapterDelete button (bulk selection)Hidden
    Terminate connectionAdapter Fetch HistoryBulk selection (checkboxes)Hidden
    Terminate connectionAdapter Fetch History - Action menuTerminate connectionHidden
    Export to CSV enabled
    		All pages in the system where CSV Export exists
    		Export CSV button
    		Disabled
    Run saved queries
    		Queries
    		Run Query button (drawer)
    		Disabled
    Create saved query
    		Queries
    		Duplicate button (drawer)Hidden
    Edit saved queries
    		QueriesTag button (bulk selection)
    		Hidden
    Edit saved queriesQueries
    		Edit button (drawer)
    		Hidden
    Edit saved queries
    		Adapters Fetch History
    		Save - for saved queries
    		Disabled
    Edit saved queries
    		Adapters Fetch History
    		Update query details
    		Disabled
    Delete saved query
    		Queries
    		Public query - Delete button (drawer)
    		Hidden
    Delete saved query
    		Queries
    		Public query - Delete button (drawer)
    		Hidden


    Activity Logs

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Export to CSV
    		Activity logsExport CSV button
    		Disabled
    View activity logsActivity logsPageNot accessible
    Run saved queriesQueriesRun Query button (drawer)Disabled
    Edit saved queriesQueries Edit button (drawer)Hidden
    Edit saved queriesActivity logsSave - for saved queriesDisabled
    Edit saved queriesActivity logsRename saved queryDisabled
    Delete saved queryQueries Public query - Delete button (drawer)Hidden
    Delete saved queryQueries Delete button (bulk selection)Hidden
    Delete saved queryQueries Bulk selection (checkboxes)Hidden
    Create saved queryActivity logsPrivate query - Set Public button (drawer)Hidden
    Create saved queryActivity logsPrivate query checkbox (Save Query dialog)Disabled (and selected)

    Enforcement Center

    Note:

    In order to add an Enforcement Action the role needs to have both Edit Enforcements and Add Enforcements permissions.  

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    View Enforcement CenterAll pagesLeft navigation menu - EC iconDisabled
    View Enforcement CenterEnforcement CenterPageNot accessible
    View Enforcement CenterDevice/User Profile - EC Tasks tabLink to taskRemove link
    View Enforcement Center  Queries (Devices)Enforce button (drawer)Hidden
    View Enforcement Center Queries (Users)Enforce button (drawer)Hidden
    Edit EnforcementsEnforcement SetAll input fieldsDisabled
    Edit EnforcementsEnforcement SetEdit button (drawer)Hidden
    Edit EnforcementsEnforcement SetDelete button (drawer)Hidden
    Edit EnforcementsEnforcement CenterAdd Enforcement buttonDisabled
    Edit Enforcements  Queries (Devices)Enforce button (drawer)Hidden
    Edit Enforcements Queries (Users)Enforce button (drawer)Hidden
    Add EnforcementEnforcement CenterAdd Enforcement buttonDisabled
    Add Enforcement Queries (Devices)Enforce button (drawer)Hidden
    Add Enforcement Queries (Users)Enforce button (drawer)Hidden
    Add EnforcementCloud Asset ComplianceEnforce menuDisabled
    Add EnforcementDevices - Actions menuCreate New Enforcement optionDisabled
    Add EnforcementUsers - Actions menuCreate New Enforcement optionDisabled
    View Enforcement TasksEnforcement CenterView Tasks buttonDisabled
    View Enforcement TasksEnforcement SetView Tasks buttonDisabled
    View Enforcement TasksDevice/User Profile - EC Tasks tabLink to taskRemove link
    View Enforcement TasksEnforce dialogLink to taskRemove link
    Delete EnforcementEnforcement CenterBulk selection (checkboxes)Hidden
    Delete EnforcementEnforcement CenterDelete button - Actions Menu (bulk selection)Hidden
    Delete EnforcementEnforcement Set - Combo buttonDelete optionHidden
    Run EnforcementDevices - Actions menuRun Existing Enforcement optionDisabled
    Run EnforcementUsers - Actions menuRun Existing Enforcement optionDisabled
    Run EnforcementRun button - bulk selectionRun Existing Enforcement optionHidden
    Terminate Enforcement TasksEnforcement Center - Enforcement Tasks TableBulk Selection (checkboxes)Hidden
    Terminate EnforcementEnforcement Center - Actions menuTerminate Enforcement TasksHidden
    Duplicate EnforcementEnforcement Center - Actions menuDuplicate optionHidden
    Duplicate EnforcementEnforcement Set - Combo buttonDuplicate optionHidden


    Cloud Asset Compliance

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Export to CSV enabled
    		Cloud Asset Compliance
    		Export CSV button
    		Disabled
    View Cloud Asset ComplianceAll pagesLeft navigation menu - Cloud iconDisabled
    View Cloud Asset ComplianceCloud Asset CompliancePageNot accessible
    Update Benchmark settingsBenchmark ScoreScore menuHidden
    Manage Exclusions and CommentsCloud Asset ComplianceAdd exclusion/comment button in Comments section (drawer)Hidden
    Manage Exclusions and CommentsCloud Asset ComplianceDelete exclusion/comment button in Comments section (drawer)Hidden
    Manage Exclusions and CommentsCloud Asset ComplianceEdit exclusion/comment button in Comments section (drawer)Hidden


    Ingestion Rules

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    View Ingestion RulesAdapter Advanced SettingsAdapter Advanced Settings
    		Hidden
    Update Ingestion RulesAdapter Advanced Settings
    		Adapter Advanced Settings
    		Hidden

    SaaS Management

    PermissionUI PageUI ComponentBehavior (when permission is disabled)
    Admin level actions
    		SaaS Management ModulesSaaS Management Modules and all Admin SettingsDisabled
    View entities and data
    		SaaS Management Modules
    		SaaS Management Modules
    		Hidden




    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout