System Roles and Permissions
The following table lists the roles and associated permissions used to manage Code Insight at the system level. The initial Code Insight System Administrator (and any subsequent System Administrators) manages user accounts and assigns system-level roles to any of these users as needed. For more information, see “Managing Users” in the “Configuring Code Insight” chapter in the Code Insight Installation and Configuration Guide.
One user can be assigned to multiple system roles.
| Roles | |||
|---|---|---|---|
| Responsibility | Permissions | Notes | |
| Administer Code Insight | Manage user accounts and permissions, create other system administrators, create policy managers, and allow all/or specified users to create projects | ||
| Schedule or force Electronic Updates/Library Refreshes | X | ||
| Configure an email server workflow notifications | X | ||
| Configure LDAP users | X | ||
| Configure Application Lifecycle (ALM) instances to manage inventory review tasks | X | ||
| Configure Scan Servers and scan profiles | X | ||
| Define global project defaults | X | ||
| Determine the CVSS version used for security vulnerability reporting | X | ||
| Create and manage custom fields for inventory and projects | X | ||
| View Code Insight logs | X | ||
| Suppress security vulnerabilities | X | ||
| Manage polices for automating inventory review processes | Manage policies | X | |
| Force automatic review of inventory across all projects | X | ||
| Create projects | Create public and private projects | The user who creates a project automatically becomes the Project Contact for that project. (See Project Roles and Permissions for additional Project Contacts permissions.) | X |
Manage project folders (in Projects pane) | X | X |