TOC & Recently Viewed

Recently Viewed Topics

Configure User Permissions for an Access Group

Required User Role: Administrator

You can configure access group permissions for individual users or a user group. If you configure access group permissions for a group, you assign all users in that group the same permissions. For more information, see User Groups.

You can assign the following access group permissions to a user or user group:

  • No Access—(All Users user group only) Except for those users or groups you specifically assign permissions, no users can scan the assets or targets specified in the access group, or view individual or aggregated scan results for the assets or targets in the asset group.
  • Can View—The user's view in aggregated scan results (workbenches/dashboards) includes data from scans of the assets or targets specified in the access group. If you assign this permission to the All Users group for the access group, all users can view aggregated scan results for the assets or targets in the access group.
  • Can Scan—Users can scan assets or targets specified in the access group and view individual scan results for the assets or targets. If you do not have this permission, Tenable.io does not prevent you from configuring a scan using assets or targets specified in the access group; however, the scanner does not scan the assets or targets. If you assign this permission to the All Users group for the access group, all users can scan the assets or targets in the access group and view the related individual scan results.

User permissions in an access group are cumulative, rather than hierarchical. To allow a user to scan an asset or target and view results for that asset or target in aggregated results, you must set the user's permissions in the access group to both Can View and Can Scan.

Tip: To run scans auditing cloud infrastructure, configure a Scan Target access group that includes the target 127.0.0.1 and user permissions set to Can Scan.

To configure user permissions for an access group:

  1. Create or edit an access group.

  2. Do any of the following:

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.