Tenable Vulnerability Management - Assign Role to User

Tenable Vulnerability Management - Assign Role to User assigns a role to a user in Tenable Vulnerability Management for:

  • Users (only) returned by the selected query or assets selected on the relevant asset page.
📘

Note

This Enforcement Action was previously named Tenable Vulnerability Management - Change User Role.

Required Fields

These fields must be configured to run the Enforcement Action.

  • Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
  • Configure Dynamic Values (optional) - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
  • Use stored credentials from the Tenable Vulnerability Management adapter - Enable this option to use credentials from the adapter connection (mandatory). By default, the first connection is selected.
    • When you select this option, the Select Adapter Connection drop-down becomes available. Select the adapter connection to use for this Enforcement Action.

📘

Note

To use this option, you must successfully configure a Tenable Vulnerability Management adapter connection.

  • Role Name - Select a role to assign to the user from the dropdown.
  • Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Working with Axonius Compute Nodes.

Additional Fields

These fields are optional.

💡

Connection and Credentials

When Use stored credentials from the adapter is toggled off, some of the connection fields below are required to create the connection, while other fields are optional.

  • Tenable Vulnerability Management domain - The IP address or hostname of your Tenable Vulnerability Management management server.

  • Access API key and Secret API key - These values must be created in the Tenable Vulnerability Management console. To generate an API key in theTenable Vulnerability Management console, see Generate an API Key.

  • Verify SSL (optional) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  • HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  • Justification reason - Enter a justification for assign this role to the user.

  • Gateway Name - Select the Gateway through which to connect to perform the action.

APIs

Axonius uses the Tenable Change User Role API. Use the PUT /users/{user_uuid}/roles API endpoint.

Required Permissions

The stored credentials, or those provided in Connection and Credentials, must have the following permission(s) to perform this Enforcement Action:

  • Administrator [64] user role

For more details about other enforcement actions available, see Action Library.