.png?sv=2019-07-07&sig=4ZYCepeEL4AnhajnqUPOj%2BcZK3erC6vhS2SMyfP5mEc%3D&spr=https%2Chttp&st=2022-05-28T22%3A53%3A43Z&se=2022-05-28T23%3A03%3A43Z&srt=o&ss=b&sp=r){kind=logo}
Permissions List
- 11 May 2022
- 11 Minutes to read
-
Print
-
DarkLight
-
PDF
Permissions List
- Updated on 11 May 2022
- 11 Minutes to read
-
Print
-
DarkLight
-
PDF
Permissions are the building blocks for Axonius Role Based Access Control (RBAC). Each role consists of a collection of permissions for various elements in the system. Each user is assigned to a specific role.
Each role consists of the following categories and each category consists of different set of permissions.
The table below describes the behavior for each category and permission.
Global Actions
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| Global Actions | Export to CSV enabled | All pages in the system where CSV Export exists | Export CSV button | Disabled |
| Global Actions | Export to CSV enabled | Charts, Reports | Export options in charts, Download CSV in Reports | Hidden |
API Access
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| API Access | API Access enabled | N/A | N/A | The user cannot login via the API |
| API Access | API Access enabled | User settings tab | API Key tab | Hidden |
| API Access | Reset API Key | Account Settings | Reset Key button | Hidden |
System and User Management
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| System and User Management | View system settings | All pages | System Settings button | Disabled |
| System and User Management | View system settings | System Settings | Page | Not accessible |
| System and User Management | View system settings | System Settings | Lifecycle Settings | Not accessible |
| System and User Management | View system settings | System Settings | Global Settings | Not accessible |
| System and User Management | View system settings | System Settings | GUI Settings | Not accessible |
| System and User Management | View system settings | System Settings | Identity Providers Settings | Not accessible |
| System and User Management | View system settings | System Settings | Tunnel Settings | Not accessible |
| System and User Management | View user accounts and roles | System Settings | Identity Providers Settings | Not accessible |
| System and User Management | View user accounts and roles | System Settings | Manage Users tab | Hidden |
| System and User Management | View user accounts and roles | System Settings | Manage Roles tab | Hidden |
| System and User Management | View user accounts and roles | Axonius Dashboard | Edit space radio button selection | Disabled |
| System and User Management | Add user | System Settings - Manage Users tab | Add User button | Disabled |
| System and User Management | Add user | System Settings - Manage Users tab | Drawer | Disabled |
| System and User Management | Edit users | System Settings - Manage Users tab | Drawer | Disabled |
| System and User Management | Edit users | System Settings - Manage Users tab | Assign role option (Actions menu) | Hidden |
| System and User Management | Delete user | System Settings - Manage Users tab | Delete user option (Actions menu) | Hidden |
| System and User Management | Delete user | System Settings - Manage Users tab | Delete user button (from drawer) | Hidden |
| System and User Management | Add role | System Settings - Manage Roles tab | Add role button | Disabled |
| System and User Management | Add role | System Settings - Manage Roles tab | Duplicate role button (from drawer) | Hidden |
| System and User Management | Edit roles | System Settings - Manage Roles tab | Drawer | Disabled |
| System and User Management | Edit roles | System Settings | Identity Providers Settings | Disabled |
| System and User Management | Update system settings | System Settings - all tabs | Save buttons | Disabled |
| System and User Management | Update system settings | System Settings - all tabs | All fields | Disabled |
| System and User Management | Update system settings | Devices | Edit System View | Hidden |
| System and User Management | Update system settings | Users | Edit System View | Hidden |
| System and User Management | Run manual discovery cycle | All pages | Run Discovery button | Disabled |
| System and User Management | View Activity Logs | Activity Logs | Page | Not accessible |
| System and User Management | View Notifications | All Pages | Notification icon | Disabled |
| System and User Management | Manage Service Accounts | System Settings | Manage Service Accounts | Disabled |
| System and User Management | Manage admin users | System Settings - Manage Users tab | User table | Admin role hidden |
| System and User Management | Manage admin users | System Settings - Manage Users tab | Role Assignment Drop-down | Admin role hidden |
| System and User Management | Manage admin users | System Settings - Manage Roles tab | Roles table | Admin role hidden |
| System and User Management | Manage admin users | System Settings - Identity Providers Settings tab | Default Role for new SAML/LADP | Admin role hidden |
| System and User Management | Manage admin users | System Settings - Identity Providers Settings tab | Role Assignment Rules SAML/LADP | Admin role hidden |
Dashboard
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| Dashboard | View dashboard | All pages | Left navigation menu - Dashboard icon | Disabled |
| Dashboard | View dashboard | Axonius Dashboard | Page | Not accessible |
| Dashboard | View dashboard | Report Configuration | Dashboard selection | Option is not available |
| Dashboard | Delete chart | Axonius Dashboard | Chart menu - Delete | Hidden |
| Dashboard | Add chart | Axonius Dashboard | Add chart (+ card) | Hidden |
| Dashboard | Add chart | Axonius Dashboard | Chart menu - Move and Copy | Limited to Move |
| Dashboard | Edit charts | Axonius Dashboard | Chart menu - Edit | Hidden |
| Dashboard | Edit charts | Axonius Dashboard | Chart menu - Move and Copy | Limited to Copy |
| Dashboard | Add and edit spaces | Axonius Dashboard | Add space (+) | Hidden |
| Dashboard | Add and edit spaces | Axonius Dashboard | Space menu - Edit | Hidden |
| Dashboard | Delete space | Axonius Dashboard | Space menu - Delete | Hidden |
| Dashboard | Refresh space | Axonius Dashboard | Space menu - Delete | Hidden |
Device Assets
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| Device Assets | View devices | All pages | Left navigation menu - Devices icon | Disabled |
| Device Assets | View devices | Devices | Page | Not accessible |
| Device Assets | View devices | Axonius Dashboard | Search bar | Search will not apply on device assets |
| Device Assets | View devices | Axonius Dashboard | Charts | Selecting devices is not available |
| Device Assets | View devices | Axonius Dashboard | Chart configuration | Selecting devices saved queries is not available |
| Device Assets | View devices | Cloud Asset Compliance | Show affected devices button | Disabled (only for devices) |
| Device Assets | Edit devices | Devices | Bulk selection (checkboxes) | Hidden |
| Device Assets | Edit devices | Devices | Actions menu | Disabled |
| Device Assets | Edit devices | Devices | All actions: link, unlink, delete, tag, custom data... | Not accessible |
| Device Assets | Edit devices | Device Profile - Notes tab | Create/Edit/Delete notes | Disabled |
| Device Assets | Edit devices | Device Profile - Tags tab | Create/Edit/Delete tags | Disabled |
| Device Assets | Edit devices | Device Profile - Custom data | Create/Edit/Delete custom data | Disabled |
| Device Assets | Run saved queries | Saved Queries (Devices) | Run Query button (drawer) | Disabled |
| Device Assets | Run saved queries | Devices | search bar - saved queries in the query search | Hidden |
| Device Assets | Edit saved queries | Saved Queries (Devices) | Edit button (drawer) | Hidden |
| Device Assets | Edit saved queries | Devices | Save - for saved queries | Disabled |
| Device Assets | Edit saved queries | Devices | Rename saved query | Disabled |
| Device Assets | Delete saved query | Saved Queries (Devices) | Public query - Delete button (drawer) | Hidden |
| Device Assets | Delete saved query | Saved Queries (Devices) | Delete button (bulk selection) | Hidden |
| Device Assets | Delete saved query | Saved Queries (Devices) | Bulk selection (checkboxes) | Hidden |
| Device Assets | Create saved query | Saved Queries (Devices) | Private query - Set Public button (drawer) | Hidden |
| Device Assets | Create saved query | Devices | Private query checkbox (Save Query dialog) | Disabled (and selected) |
User Assets
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| User Assets | View users | All pages | Left navigation menu - Users icon | Disabled |
| User Assets | View users | Users | Page | Not accessible |
| User Assets | View users | Axonius Dashboard | Search bar | Search will not apply on user assets |
| User Assets | View users | Axonius Dashboard | Charts | Selecting users is not available |
| User Assets | View users | Axonius Dashboard | Chart configuration | Selecting users saved queries is not available |
| User Assets | View users | Cloud Asset Compliance | Show affected users button | Disabled (only for users) |
| User Assets | Edit users | Users | Bulk selection (checkboxes) | Hidden |
| User Assets | Edit users | Users | Actions menu | Disabled |
| User Assets | Edit users | Users | All actions: link, unlink, delete, tag, custom data... | Not accessible |
| User Assets | Edit users | User Profile - Notes tab | Create/Edit/Delete notes | Disabled |
| User Assets | Edit users | User Profile - Tags tab | Create/Edit/Delete tags | Disabled |
| User Assets | Edit users | User Profile - Custom data | Create/Edit/Delete custom data | Disabled |
| User Assets | Run saved queries | Saved Queries | Run Query button (drawer) | Disabled |
| User Assets | Run saved queries | Users | search bar - saved queries in the query search | Hidden |
| User Assets | Edit saved queries | Saved Queries | Edit button (drawer) | Hidden |
| User Assets | Edit saved queries | Users | Save - for saved queries | Disabled |
| User Assets | Edit saved queries | Users | Rename saved query | Disabled |
| User Assets | Delete saved query | Saved Queries | Delete button (drawer) | Hidden |
| User Assets | Delete saved query | Saved Queries | Delete button (bulk selection) | Hidden |
| User Assets | Delete saved query | Saved Queries | Bulk selection (checkboxes) | Hidden |
| User Assets | Create saved query | Saved Queries | Private query - Set Public button (drawer) | Hidden |
| User Assets | Create saved query | Users | Private query checkbox (Save Query dialog) | Disabled (and selected) |
Reports
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| Reports | View reports | All pages | Left navigation menu - Reports icon | Disabled |
| Reports | View reports | Reports | Page | Not accessible (unless Use private reports is enabled) |
| Reports | Add report | Reports | Add report button | Disabled (unless Use private reports is enabled) |
| Reports | Edit reports | Report Configuration | All input fields | Disabled (unless Use private reports is enabled) |
| Reports | Delete report | Reports | Bulk selection (checkboxes) | Hidden (unless Use private reports is enabled) |
| Reports | Delete report | Reports | Delete button (bulk selection) | Hidden (unless Use private reports is enabled) |
| Reports | Use private reports | Report Configuration | Private report checkbox | Disabled |
| Reports | Deactivate Reports | Report Configuration | Toggle button | Disabled |
Instances
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| Instances | View instances | All pages | Left navigation menu - Instances icon | Disabled |
| Instances | View instances | Instances | Page | Not accessible |
| Instances | Edit instance | Instances | All input fields | Disabled |
| Instances | Edit instance | Instances | Bulk selection (checkboxes) | Hidden |
| Instances | Edit instance | Instances | Deactivate / Reactivate buttons | Hidden |
| Instances | Restart and Shut down instance | Instances | Reboot / Shut down buttons | Hidden |
Adapters
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| Adapters | View adapters | All pages | Left navigation menu - Adapters icon | Disabled |
| Adapters | View adapters | All pages | Page | Not accessible |
| Adapters | Add connection | Adapter | Add connection | Disabled |
| Adapters | Edit connections | Adapter | Edit connections - open connection modal | Disabled |
| Adapters | Edit adapter advanced settings | Adapter | Advanced Settings button | Disabled |
| Adapters | Edit adapter advanced settings | Adapters - Action menu | Override Advanced Settings Values option | Disabled |
| Adapters | Delete connection | Adapter | Bulk selection (checkboxes) | Hidden |
| Adapters | Delete connection | Adapter | Delete button (bulk selection) | Hidden |
| Adapters | Terminate connection | Adapter Fetch History | Bulk selection (checkboxes) | Hidden |
| Adapters | Terminate connection | Adapter Fetch History - Action menu | Terminate connection | Hidden |
Enforcement Center
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| Enforcement Center | View Enforcement Center | All pages | Left navigation menu - EC icon | Disabled |
| Enforcement Center | View Enforcement Center | Enforcement Center | Page | Not accessible |
| Enforcement Center | View Enforcement Center | Device/User Profile - EC Tasks tab | Link to task | Remove link |
| Enforcement Center | View Enforcement Center | Saved Queries (Devices) | Enforce button (drawer) | Hidden |
| Enforcement Center | View Enforcement Center | Saved Queries (Users) | Enforce button (drawer) | Hidden |
| Enforcement Center | Edit Enforcements | Enforcement Set | All input fields | Disabled |
| Enforcement Center | Edit Enforcements | Enforcement Set | Edit button (drawer) | Hidden |
| Enforcement Center | Edit Enforcements | Enforcement Set | Delete button (drawer) | Hidden |
| Enforcement Center | Edit Enforcements | Enforcement Center | Add Enforcement button | Disabled |
| Enforcement Center | Edit Enforcements | Saved Queries (Devices) | Enforce button (drawer) | Hidden |
| Enforcement Center | Edit Enforcements | Saved Queries (Users) | Enforce button (drawer) | Hidden |
| Enforcement Center | Add Enforcement | Enforcement Center | Add Enforcement button | Disabled |
| Enforcement Center | Add Enforcement | Saved Queries (Devices) | Enforce button (drawer) | Hidden |
| Enforcement Center | Add Enforcement | Saved Queries (Users) | Enforce button (drawer) | Hidden |
| Enforcement Center | Add Enforcement | Cloud Asset Compliance | Enforce menu | Disabled |
| Enforcement Center | Add Enforcement | Devices - Actions menu | Create New Enforcement option | Disabled |
| Enforcement Center | Add Enforcement | Users - Actions menu | Create New Enforcement option | Disabled |
| Enforcement Center | View Enforcement Tasks | Enforcement Center | View Tasks button | Disabled |
| Enforcement Center | View Enforcement Tasks | Enforcement Set | View Tasks button | Disabled |
| Enforcement Center | View Enforcement Tasks | Device/User Profile - EC Tasks tab | Link to task | Remove link |
| Enforcement Center | View Enforcement Tasks | Enforce dialog | Link to task | Remove link |
| Enforcement Center | Delete Enforcement | Enforcement Center | Bulk selection (checkboxes) | Hidden |
| Enforcement Center | Delete Enforcement | Enforcement Center | Delete button - Actions Menu (bulk selection) | Hidden |
| Enforcement Center | Delete Enforcement | Enforcement Set - Combo button | Delete option | Hidden |
| Enforcement Center | Run Enforcement | Devices - Actions menu | Run Existing Enforcement option | Disabled |
| Enforcement Center | Run Enforcement | Users - Actions menu | Run Existing Enforcement option | Disabled |
| Enforcement Center | Run Enforcement | Run button - bulk selection | Run Existing Enforcement option | Hidden |
| Enforcement Center | Terminate Enforcement Tasks | Enforcement Center - Enforcement Tasks Table | Bulk Selection (checkboxes) | Hidden |
| Enforcement Center | Terminate Enforcement | Enforcement Center - Actions menu | Terminate Enforcement Tasks | Hidden |
| Enforcement Center | Duplicate Enforcement | Enforcement Center - Actions menu | Duplicate option | Hidden |
| Enforcement Center | Duplicate Enforcement | Enforcement Set - Combo button | Duplicate option | Hidden |
Cloud Asset Compliance
| Category | Permission | UI Page | UI Component | Behavior (when permission is disabled) |
|---|---|---|---|---|
| Cloud Asset Compliance | View Cloud Asset Compliance | All pages | Left navigation menu - Cloud icon | Disabled |
| Cloud Asset Compliance | View Cloud Asset Compliance | Cloud Asset Compliance | Page | Not accessible |
| Cloud Asset Compliance | Update Benchmark settings | Benchmark Score | Score menu | Hidden |
| Cloud Asset Compliance | Manage Exclusions and Comments | Cloud Asset Compliance | Add exclusion/comment button in Comments section (drawer) | Hidden |
| Cloud Asset Compliance | Manage Exclusions and Comments | Cloud Asset Compliance | Delete exclusion/comment button in Comments section (drawer) | Hidden |
| Cloud Asset Compliance | Manage Exclusions and Comments | Cloud Asset Compliance | Edit exclusion/comment button in Comments section (drawer) | Hidden |