Custom Roles

This section and the topics in it describe the performance of and functionality for a new feature in Tenable.io Key Enhancements. For more information, see Tenable.io Key Enhancements.

You can create custom roles for users on your Tenable.io instance to give those users privileges that are specific to your organization's needs.

When you create a custom role, you can add some or all of the following privileges. You can also edit a custom role to remove privileges. Which privileges you can add to or remove from a role depend on the area of Tenable.io where each privilege applies.

Note: A user's access to resources on the account may be limited by their permissions, regardless of their role.

  • Create — Allows the user to create a new item in the area where the privilege applies.

  • Read — Allows the user to view items in the area where the privilege applies.

  • Update — Allows the user to modify items in the area where the privilege applies.

  • Delete — Allows the user to delete items in the area where the privilege applies.

The following table describes the privilege options available for custom roles in different sections of Tenable.io.

Note: When you create a custom role, you must include Read privileges for the General Settings, License, and My Account sections. If you do not include Read privileges for these sections, users assigned to the role will be unable to log in to Tenable.io.

Section Privilege Options
Account
Access Control

Create , Delete, Read, Update

General Setting Read, Update
Activity Log Read
APIKey Create
License Read
My Account Read, Update
Workspaces
Asset Read
Finding Read