Actions and permissions (Preview)
Each action that you assign to a role provides permissions to perform specific tasks and access to data.
Note
This feature is supported for hosted customers only and is in preview mode. For access to this feature, contact Contrast support.
On-premises customers manage Contrast access by setting up organization users and access groups.
Organization actions and permissions
This action: | Includes these permissions: | And is part of these built-in roles | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
View organization | General
Reports
| Organization viewer App Security administrator DevOps administrator | ||||||||||
Edit organization | General
Policies
Security
Reports
| Organization editor | ||||||||||
Manage organization rules | General
Policies
Reports
| Organization rules administrator | ||||||||||
Manage organization |
| Organization administrator DevOps administrator | ||||||||||
Manage platform organization | Access control
Reports
| DevOps administrator Organization administrator | ||||||||||
View audit logs | Security
| Organization administrator |
Application actions and permissions
This action: | Includes these permissions: | And is part of these built-in roles | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
View application |
| Organization viewer DevOps administrator App security administrator Application viewer Application administrator Application editor Application rules administrator | ||||||||||||
Edit application |
| Application administrator Application editor App security administrator | ||||||||||||
Manage application rules |
| Application rules administrator App Security administrator Application administrator | ||||||||||||
Manage application |
| Application administrator |
Project actions and permissions
This action: | Includes these permissions: | And is part of these built-in roles |
---|---|---|
View project | Scan
| DevOps administrator App Security administrator Project viewer Project administrator |
Upload scans | Scan
| Scan uploader |
View, edit, delete project | Scan
| App security administrator Project administrator |
Create project | Scan
| Project administrator |
Edit project | Scan
| Project administrator |
Delete project | Scan
| Project administrator |
Protect actions and permissions
This action: | Includes these permissions: | And is part of these built-in resource groups |
---|---|---|
Access Protect | Protect
| Protect viewer |
Manage Protect exclusions | Protect
| Protect exclusion administrator |
Manage Protect policies | Protect
| Protect policy administrator |
Manage Protect sensitive data policies | Protect
| Protect sensitive data administrator |
View attack data | Protect
| App security engineer |
SCA projects actions and permissions
This action: | Includes these permissions: | And is part of these built-in roles |
---|---|---|
View SCA projects | Libraries View SCA project details | SCA project group viewer SCA project group administrator |
Create SCA projects | Libraries
| SCA project group administrator |
Delete SCA projects | Libraries
| SCA project group administrator |
Manage SCA projects | Libraries
| SCA project group administrator |
Serverless actions and permissions
This action: | Includes these permissions: | And is part of these built-in roles |
---|---|---|
View Serverless | Serverless
| Serverless user |