Administer > Roles and permissions > Permissions

Permissions

Permissions define the action (such as scan, remediate, or import) that can be taken against an object type. Permissions cannot be added, edited, or deleted.

HPE ITOC permissions

Permission name Permission description
Approve Business Services
  • Approves business services
  • Rejects business services
  • Comments on business services
  • Requires Read All permission
Approve Policies
  • Approves policies
  • Rejects policies
  • Comments on policies
  • Requires Read All permission
Approve Statements of Applicability
  • Approves SoAs
  • Rejects SoAs
  • Comments on SoAs
  • Requires Read All permission
Business Administration
  • Sets compliance threshold
  • Sets business object ID prefixes
  • Sets workflows
  • Configures notifications
Read All
  • Views policy properties, requirements, rules, and compliance score

  • Views business service properties (including default maintenance windows), topology, and compliance score

  • Views SoA properties (including maintenance windows), exceptions, and compliance score

  • Views control properties and scripts

  • Views IT resource properties

  • Reads maintenance windows from the business service or SoA associated with a specified window
Read and Approve Controls
  • Views control properties, scripts, and parameters
  • Approves on controls
  • Rejects on controls
  • Comments on controls
Read and Write Controls
  • Views control properties, scripts, and parameters
  • Creates controls
  • Imports controls
  • Edits control properties, scripts, and parameters
  • Comments on controls
  • Submits controls
  • Makes controls obsolete
Read and Write Maintenance Windows
    • Read maintenance windows
    • Create maintenance windows
    • Edit maintenance windows
    • Delete maintenance windows
    Read and Write Resources
    • Views resources and compliance score
    • Creates resources
    • Imports resources
    • Edits resources
    • Makes resources obsolete
    • Installs agents
    Run Remediation Jobs
    • Runs on-demand remediation jobs
    • Requires Read All permission
    Run Scan Compliance Jobs
    • Runs on-demand scan compliance jobs
    • Requires Read All permission.
    System Administration
    • Sets system configurations
    • Sets up email integration with SMTP
    • Sets schedule for recompliance calculation
    • Sets schedule for user to perform LDAP synchronization
    		•
    Write Business Services
    • Creates new business services or new draft revisions
    • Imports new business services
    • Edits business services properties and topology
    • Comments on business services
    • Submits business services
    • Makes business services obsolete
    • Requires Read All permission.
    Write Policies

    • Creates new policies or new draft revisions

    • Imports policies

    • Edits policy properties, requirements, and rules

    • Comments on policies
    • Submits policies
    • Makes policies obsolete
    • Requires Read All permission
    Write Statements of Applicability
    • Creates new SoAs and new draft revisions
    • Edits SoA properties and exceptions
    • Assigns maintenance windows to SoAs
    • Comments on SoAs
    • Submits SoAs
    • Makes SoAs obsolete
    • Requires Read All permission.

    Related Topics IconRelated Information

    Send Help Center feedback