Roles

Roles define the permissions a user has in the Analytics Hub portal. Users can be assigned one or more roles; effective access is the union of assigned permissions.

Tip:  Where to find this in the Analytics Hub portal:
Admin Area → Access Control → Roles

Use the checkboxes to run actions on one or more roles. Supported actions on this page are:

  • New Role: Create a role, name and describe it, and select permissions (see Create a Role).

  • Delete: Remove selected role(s).

    Important:  Use caution. Users assigned to a deleted role lose those permissions. If that role is their only role, they lose access to the system.

  • Edit: Change a role’s name, description, or permissions.

Tip:  Finding Actions on Grids

Actions may appear as toolbar buttons, links in grid rows, or inside the More actions () menu. If you don’t see an action as a button or in the grid, open More actions () and look for it there. Availability of actions depends on your selection, item status, and permissions.

Figure 63: Roles

Filter the grid using the search, then choose how many items to display in the Rows per page dropdown (e.g., 10, 25, 50). Use the Next/Previous controls to view additional records. Most fields are sortable.

The built-in roles are Administrator, Operator, Unrestricted, and User.

Table 4: Permissions

Permission Grants Access to Analytics Hub Portal Areas
Application
  • Dashboards → Crypto Inventory
  • Dashboards → TLS
  • Dashboards → SSH
  • Issues → Results
  • Evidence
  • Explore
  • Reports
Audit

  • Admin Area → Settings → Audit Log
Issue Configuration

  • Issues → Profiles

  • Issues → Policies

  • Issues → Rules
Login

  • Notifications

  • User Menu

  • About

This permission is required to login to the Analytics Hub portal.
Registry Configuration modification via the command line interface (CLI).
Security

  • Admin Area → Access Control → LDAP

  • Admin Area → Access Control → SAML

  • Admin Area → Settings → Security → TLS Certificate

  • Admin Area → Settings → Security → HTTP Headers

  • Admin Area → Settings → Support Connection
Sensor Configuration

  • Sensors: Full Control

This permission must be granted in conjunction with Sensor Status.
Sensor Status

  • Sensors: Read Only
Shell

  • Admin Area → Settings → Security → Shell Password

  • Admin Area → System Management → Shell
System Configuration
  • Admin Area → Settings → Licensing
  • Admin Area → Settings → Network
  • Admin Area → Settings → Time
  • Admin Area → Settings → SMTP
  • Admin Area → Settings → Syslog
  • Admin Area → Settings → Certificate Validation
System Management

  • Admin Area → System Management → Updates

  • Admin Area → System Management → Backups

  • Admin Area → System Management → File Management

  • Admin Area → System Management → Jobs

  • Admin Area → System Management → Restart System

  • Admin Area → System Management → Power System Down

  • Admin Area → System Management → Clear User Data
System State Reports

  • System State Reports
User Management
  • Admin Area → Access Control → Users
  • Admin Area → Access Control → Roles
  • Admin Area → Access Control → API Keys
Create a Role

To add a new role:

  1. Browse to Admin Area → Access Control → Roles and click New Role.

    Figure 64: Add a Role

  2. In the New Role dialog, enter a Name for the role.
  3. Optionally, enter a Description for the role.
  4. Use the Permissions dropdown to add permissions. Selected permissions appear as tags (e.g., Application X, Issue Configuration X). Click X to remove a tag.
  5. Click Save to create the record.