System Roles and Permissions
The following table lists the roles and associated permissions used to manage Code Insight at the system level. The initial Code Insight System Administrator (and any subsequent System Administrators) manages user accounts and assigns system-level roles to any of these users as needed. For more information, see Managing Users in the “Configuring Code Insight” chapter.
One user can be assigned multiple roles.
| Roles | |||
|---|---|---|---|
| Responsibility | Permissions | Notes | |
| Administer Code Insight | Manage user accounts and permissions, create other system administrators, create policy managers, and allow all/or specified users to create projects | ||
| Schedule or force Electronic Updates/Library Refreshes | X | ||
| Configure an email server workflow notifications | X | ||
| Configure LDAP users | X | ||
| Configure Application Lifecycle (ALM) instances to manage inventory review tasks | X | ||
| Configure Scan Servers and scan profiles | X | ||
| Define global project defaults | X | ||
| Determine the CVSS version used for security vulnerability reporting | X | ||
| Create and manage custom fields for inventory and projects | X | ||
| View Code Insight logs | X | ||
| Suppress security vulnerabilities | X | ||
| Manage polices for automating inventory review processes | Manage policies | X | |
| Force automatic review of inventory across all projects | X | ||
| Create projects | Create public and private projects | The user who creates a project automatically becomes the Project Contact for that project. (See Project Roles and Permissions for additional Project Contacts permissions.) | X |
Manage project folders (in Projects pane) | X | X | |
| Manage custom components and custom licenses | Manage custom components and custom licenses by creating, editing, and deleting them as required. | X | |
| Manage custom detection rules | Manage custom detection rules by creating, editing and deleting them as required. | X |