Cyber Security Asset Management User Roles and Permissions

The Cyber Security Asset Management has 4 OOTB (Out-of-the-box) roles for CSAM users:

• CSAM Manager: CSAM Manager has all permissions, and can grant or remove permissions to or from other users.
• CSAM User: CSAM User is a sub-user with either limited assets access or all assets access. CSAM Manager can choose the permissions to be granted to this type of user. CSAM Sub-user can also be granted CSAM Manager role.
• CSAM Job Manager: CSAM Job Manager are granted the "Uninstall Job" permission.
• CSAM Job User: CSAM Job user is granted with "View-Only" access to "Uninstall Job".

There must be at least one Superuser per Customer subscription.

The Cyber Security Asset Management module has several permission groups related to specific permission categories. The following are the permission categories for this module: 

Permission Categories	Description	Default Roles
		CSAM Manager	CSAM User
Asset Identification Rule Permissions	Create, Edit, Delete your Asset identification Rule		N
	Create, edit, and delete your Reconcilation Rule		N
Software Rule permissions	Create, Edit, and Delete your Software rule		N
	Edit and Delete any Software rule		N
Asset Permissions	Update Asset		N
Alerting Permissions	Alerting Access
	Create, Edit, and Delete your action		N
	Edit and Delete any action		N
	Create, Edit, and Delete your rule		N
	Edit and Delete any rule.		N
AI Permissions	AI UI Access
Business Entities Permissions	View Business Entities		N
EASM Permissions	View , Edit and Delete any EASM profile.		N
	Create, Edit, and Delete your EASM profile		N
	View EASM Configurations		N
Open Port Rule Permissions	Create, Edit, and Delete your Open Port Rule		N
	Edit and Delete any Open Port Rule		N
Tag Permissions	Create User Tag
	Edit User Tag
	Delete Tag
Dynamic Rule	Modify		N
	View		N
Report Permissions	Create
	Update
	Delete