Configure User Permissions for a Scanner Group

Required Tenable Vulnerability Management User Role: Scan Manager or Administrator

You can configure scanner group permissions for individual users or a user group. If you configure scanner group permissions for a user group, you assign all users in that group the same permissions. For more information, see User Groups.

You can assign the following scanner group permissions to a user or user group:

• No Access — (All Users user group only) No users (except for users or groups you specifically assign permissions) can use the scanner group in scan configurations.
• Can Use — The user or user group can use the scanner group in scan configurations. The user or user group (assuming they have the Scan Manager or Administrator user role) can view but not edit the scanner group configuration.

• Can Manage — The user or user group can use the scanner group in scan configurations. The user or user group (assuming they have the Scan Manager or Administrator user role) can view and edit the scanner group configuration.

  Note: All users with the Scan Manager user role have Can Manage permissions for scanner groups, regardless of the scanner group permission they are assigned.

To configure user permissions for a scanner group:

1. Create or edit a scanner group.
2. During scanner group configuration, in the Users & Groups section, do any of the following:
   • Edit permissions for the All Users user group.

     1. Next to the permission drop-down for the All Users group, click the button.

     2. Select a permissions level.
   • Add a user or user group to the scanner group.

     1. In the User & Groups heading, click the button.

        The Add Users & Group plane appears.

     2. In the Search field, type or click the drop-down to find and add a user or group.

        Tip: Tenable recommends assigning permissions to user groups, rather than individual users, to minimize maintenance as individual users leave or join your organization.

        Added users and groups appear below the Search field.

     3. Click the Add button.

        The scanner group plane appears.

        By default, Tenable Vulnerability Management assigns the added user or user group Can Use permissions.

   • Edit permissions for an existing user or user group.

     1. Next to the permissions drop-down for the user or user group you want to edit, click the button.

     2. Select a permissions level.
   • Remove a user or user group from the scanner group.

     1. Roll over the user or group you want to remove.

     2. Click the button next to the user or user group.

        The user or group disappears from the Users & Groups list.

3. Click Save.

   Tenable Vulnerability Management saves your changes to the scanner group.

What to do next:

• Use the scanner group in a scan configuration.