TOC & Recently Viewed

Recently Viewed Topics

ACL Objects

Access Control List (ACL) objects control the permissions related to scans in Tenable.io. Each object represents an entity assigned permissions for the scan.

You can specify ACL objects when creating a scan, and you can view the ACL objects when viewing details for a scan.

The supported attributes of an ACL object is described below.

Object Syntax

{ "permissions": {integer}, "owner": {string}, "display_name": {string}, "name": {string}, "id": {string}, "type": {string} }

Object Attributes

The table below defines the attributes of an ACL object.

Attribute Value Description
owner integer

A value that indicates whether the user or user group specified in the object owns the scan. Possible values include:

  • null—System-owned permissions.
  • 0—The user is not the owner of the scan.
  • 1—The user is the owner of the scan.
type string

The type of scan permissions:

  • default—The default permissions for the scan.
  • user—Permissions for an individual user.
  • group—Permissions for a user group.
permissions integer The scan permission. For more information, see Permissions.
id integer A number representing the order in which the user or user groups display in the Permissions tab in the Tenable.io user interface.
name string The name of the user or group granted the specified permissions.
display_name string The display-friendly name of the user or group granted the specified permissions.

Object Example

{ "permissions": 0, "owner": null, "display_name": null, "name": null, "id": null, "type": "default" }, { "permissions": 16, "owner": 0, "display_name": "Business Analysts", "name": "business analysts", "id": 1, "type": "group" }, { "permissions": 128, "owner": 1, "display_name": "user1@ example.com", "name": "user1@example.com", "id": 2, "type": "user" }

Default Objects

If your request to create a scan omits the acls parameter, Tenable.io adds the following permissions to the scan by default:

  • Default access set to "No access" (0)
  • Owner access set to "Owner" (128)

The following objects represent these default permissions:

{ "permissions": 0, "owner": null, "display_name": null, "name": null, "id": null, "type": "default" }, { "permissions": 128, "owner": 1, "display_name": "display name of account used to create the scan", "name": "user name of account used to create the scan", "id": 2, "type": "user" }

 

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.