Detailed Role Permissions
When deciding whether to use default team roles or create a custom role, it can be helpful to review the RBAC permissions that Sysdig grants to the default roles.
This page provides a detailed outline of the permissions granted to the various default roles in Secure and Monitor.
Sysdig Monitor
Standard User
| categoryName | categoryDescription | description | action | itemDisplayName | itemDescription |
|---|---|---|---|---|---|
| Advisor | Manage access to Advisor | Access Advisor | READ | Advisor | OVERVIEWS |
| Advisor | Manage access to Advisor | Kubernetes API feature | READ | Kubernetes API | KUBERNETES_API_COMMANDS |
| Advisor | Manage access to Advisor | Access Live Logs feature | VIEW | Live Logs | LIVELOGS |
| Alerts | Manage access to Alerts | Acknowledge an event triggerred by an alert in the events feed in scope of a team | EDIT | Alert Events | ALERT_EVENTS |
| Alerts | Manage access to Alerts | Access the events generated by triggered alerts in scope of a team | READ | Alert Events | ALERT_EVENTS |
| Alerts | Manage access to Alerts | Modify alerts in scope of a team | EDIT | Alerts | ALERTS |
| Alerts | Manage access to Alerts | Access the alerts in scope of a team | READ | Alerts | ALERTS |
| Captures / Investigate | Manage access to Captures / Investigate | Modify captures | EDIT | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | Access captures | READ | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | View captures in the UI | VIEW | Captures | CAPTURES |
| Dashboards | Manage access to dashboards | N/A | READ | Dashboard Metrics Data | DASHBOARD_METRICS_DATA |
| Dashboards | Manage access to dashboards | Modify dashboards in scope of a team | EDIT | Dashboards | DASHBOARDS |
| Dashboards | Manage access to dashboards | Access dashboards in scope of a team | READ | Dashboards | DASHBOARDS |
| Data Access Settings | Manage access to Data Settings | Access data stream configuration | READ | Datastream | DATASTREAM |
| Data Access Settings | Manage access to Data Settings | Create and edit custom groupings | EDIT | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access default and custom groupings | READ | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access metrics data | READ | Metrics Data | METRICS_DATA |
| Data Access Settings | Manage access to Data Settings | Access metrics descriptors | READ | Metrics Descriptors | METRICS_DESCRIPTORS |
| Data Access Settings | Manage access to Data Settings | Access Prometheus metrics and labels | READ | PromQL Metadata | PROMQL_METADATA |
| Events | Manage access to Events | Acknowledge the infrastructure and other events created by Sysdig Agent or Sysdig API | EDIT | Custom Events | Infrastructure events or events created via API |
| Events | Manage access to Events | Access the infrastructure and other events created by Sysdig Agent or Sysdig API | READ | Custom Events | Infrastructure events or events created via API |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands | VIEW | Agent Console | AGENT_CLI |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which access agent status | READ | Agent Console - Agent Status | AGENT_STATUS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwords | VIEW | Agent Console - Configuration | AGENT_CONFIGURATION |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which make network calls to remote pods and endpoints | EXEC | Agent Console - Network Calls | AGENT_REMOTE_NETWORK_CALLS |
| Integrations | N/A | Modify custom integrations in spotlight | EDIT | Custom Integrations | Integrations created by the user manually, before the system automatic detection triggered |
| Integrations | N/A | Access custom integrations in spotlight | READ | Custom Integrations | Integrations created by the user manually, before the system automatic detection triggered |
| Integrations | N/A | Access Helm-renderer component | READ | Helm Renderer | HELM_RENDERER |
| Integrations | N/A | View discovered infrastructure | READ | Infrastructure | INFRASTRUCTURE |
| Integrations | N/A | View discovered workload integrations | READ | Integrations | INTEGRATIONS |
| Integrations | N/A | Change monitoring integration type or status | EDIT | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | Access monitoring integration type or status | READ | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | Change monitoring integration status to Pending Metrics | VALIDATE | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | N/A | READ | Providers | PROVIDERS |
| Integrations | N/A | Access spotlight | READ | Spotlight | SPOTLIGHT |
| Settings | N/A | Get agent access key (required for agent installation) | READ | Agent Installation | AGENT_INSTALLATION |
| Settings | N/A | List alert downtimes for the customer | READ | Alert Downtimes | DOWNTIMES |
| Settings | N/A | Reset users API token in scope of a team | EDIT | API Access Token | API_TOKEN |
| Settings | N/A | Access users API token in scope of a team | READ | API Access Token | API_TOKEN |
| Settings | N/A | View your API token | VIEW | API Access Token | API_TOKEN |
| Settings | N/A | Access AWS settings | READ | AWS Settings | AWS_SETTINGS |
| Settings | N/A | Access event forwarding configuration | READ | Events Forwarder | EVENTS_FORWARDER |
| Settings | N/A | Access global notification channels | READ | Global Notification Channels | GLOBAL_NOTIFICATION_CHANNELS |
| Settings | N/A | Access notification channels in scope of a team | READ | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access service accounts in scope of a team | READ | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access customer subscription details | READ | Subscriptions | SUBSCRIPTIONS |
| Settings | N/A | View Sysdig storage configuration | READ | Sysdig Storage | SYSDIG_STORAGE |
View Only
| Advisor | Manage access to Advisor | Access Advisor | READ | Advisor | OVERVIEWS |
|---|---|---|---|---|---|
| Advisor | Manage access to Advisor | Kubernetes API feature | READ | Kubernetes API | KUBERNETES_API_COMMANDS |
| Advisor | Manage access to Advisor | Access Live Logs feature | VIEW | Live Logs | LIVELOGS |
| Alerts | Manage access to Alerts | Access the events generated by triggered alerts in scope of a team | READ | Alert Events | ALERT_EVENTS |
| Alerts | Manage access to Alerts | Access the alerts in scope of a team | READ | Alerts | ALERTS |
| Captures / Investigate | Manage access to Captures / Investigate | Access captures | READ | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | View captures in the UI | VIEW | Captures | CAPTURES |
| Dashboards | Manage access to dashboards | N/A | READ | Dashboard Metrics Data | DASHBOARD_METRICS_DATA |
| Dashboards | Manage access to dashboards | Access dashboards in scope of a team | READ | Dashboards | DASHBOARDS |
| Data Access Settings | Manage access to Data Settings | Access data stream configuration | READ | Datastream | DATASTREAM |
| Data Access Settings | Manage access to Data Settings | Create and edit custom groupings | EDIT | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access default and custom groupings | READ | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access metrics data | READ | Metrics Data | METRICS_DATA |
| Data Access Settings | Manage access to Data Settings | Access metrics descriptors | READ | Metrics Descriptors | METRICS_DESCRIPTORS |
| Data Access Settings | Manage access to Data Settings | Access Prometheus metrics and labels | READ | PromQL Metadata | PROMQL_METADATA |
| Events | Manage access to Events | Access the infrastructure and other events created by Sysdig Agent or Sysdig API | READ | Custom Events | Infrastructure events or events created via API |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands | VIEW | Agent Console | AGENT_CLI |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which access agent status | READ | Agent Console - Agent Status | AGENT_STATUS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwords | VIEW | Agent Console - Configuration | AGENT_CONFIGURATION |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which make network calls to remote pods and endpoints | EXEC | Agent Console - Network Calls | AGENT_REMOTE_NETWORK_CALLS |
| Explore / Metrics | Manage access to Explore / Metrics | Metric querying with Explore | READ | Explore | EXPLORE |
| Integrations | N/A | Access custom integrations in spotlight | READ | Custom Integrations | Integrations created by the user manually, before the system automatic detection triggered |
| Integrations | N/A | N/A | READ | File Storage Config | FILE_STORAGE_CONFIG |
| Integrations | N/A | Access Helm-renderer component | READ | Helm Renderer | HELM_RENDERER |
| Integrations | N/A | View discovered infrastructure | READ | Infrastructure | INFRASTRUCTURE |
| Integrations | N/A | View discovered workload integrations | READ | Integrations | INTEGRATIONS |
| Integrations | N/A | Access monitoring integration type or status | READ | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | Change monitoring integration status to Pending Metrics | VALIDATE | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | N/A | READ | Providers | PROVIDERS |
| Integrations | N/A | Access spotlight | READ | Spotlight | SPOTLIGHT |
| Settings | N/A | Get agent access key (required for agent installation) | READ | Agent Installation | AGENT_INSTALLATION |
| Settings | N/A | List alert downtimes for the customer | READ | Alert Downtimes | DOWNTIMES |
| Settings | N/A | Access users API token in scope of a team | READ | API Access Token | API_TOKEN |
| Settings | N/A | View your API token | VIEW | API Access Token | API_TOKEN |
| Settings | N/A | Access AWS settings | READ | AWS Settings | AWS_SETTINGS |
| Settings | N/A | Access event forwarding configuration | READ | Events Forwarder | EVENTS_FORWARDER |
| Settings | N/A | Access global notification channels | READ | Global Notification Channels | GLOBAL_NOTIFICATION_CHANNELS |
| Settings | N/A | Access notification channels in scope of a team | READ | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access service accounts in scope of a team | READ | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access customer subscription details | READ | Subscriptions | SUBSCRIPTIONS |
| Settings | N/A | View Sysdig storage configuration | READ | Sysdig Storage | SYSDIG_STORAGE |
Team Manager
| categoryName | categoryDescription | description | action | itemDisplayName | itemDescription |
|---|---|---|---|---|---|
| Advisor | Manage access to Advisor | Access Advisor | READ | Advisor | OVERVIEWS |
| Advisor | Manage access to Advisor | Kubernetes API feature | READ | Kubernetes API | KUBERNETES_API_COMMANDS |
| Advisor | Manage access to Advisor | Access Live Logs feature | VIEW | Live Logs | LIVELOGS |
| Alerts | Manage access to Alerts | Acknowledge an event triggerred by an alert in the events feed in scope of a team | EDIT | Alert Events | ALERT_EVENTS |
| Alerts | Manage access to Alerts | Access the events generated by triggered alerts in scope of a team | READ | Alert Events | ALERT_EVENTS |
| Alerts | Manage access to Alerts | Modify alerts in scope of a team | EDIT | Alerts | ALERTS |
| Alerts | Manage access to Alerts | Access the alerts in scope of a team | READ | Alerts | ALERTS |
| Captures / Investigate | Manage access to Captures / Investigate | Modify captures | EDIT | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | Access captures | READ | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | View captures in the UI | VIEW | Captures | CAPTURES |
| Dashboards | Manage access to dashboards | N/A | READ | Dashboard Metrics Data | DASHBOARD_METRICS_DATA |
| Dashboards | Manage access to dashboards | Modify dashboards in scope of a team | EDIT | Dashboards | DASHBOARDS |
| Dashboards | Manage access to dashboards | Access dashboards in scope of a team | READ | Dashboards | DASHBOARDS |
| Data Access Settings | Manage access to Data Settings | Create and edit custom groupings | EDIT | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access default and custom groupings | READ | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access metrics data | READ | Metrics Data | METRICS_DATA |
| Data Access Settings | Manage access to Data Settings | Access metrics descriptors | READ | Metrics Descriptors | METRICS_DESCRIPTORS |
| Data Access Settings | Manage access to Data Settings | Access Prometheus metrics and labels | READ | PromQL Metadata | PROMQL_METADATA |
| Events | Manage access to Events | Acknowledge the infrastructure and other events created by Sysdig Agent or Sysdig API | EDIT | Custom Events | Infrastructure events or events created via API |
| Events | Manage access to Events | Access the infrastructure and other events created by Sysdig Agent or Sysdig API | READ | Custom Events | Infrastructure events or events created via API |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands | VIEW | Agent Console | AGENT_CLI |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which access agent status | READ | Agent Console - Agent Status | AGENT_STATUS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwords | VIEW | Agent Console - Configuration | AGENT_CONFIGURATION |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which make network calls to remote pods and endpoints | EXEC | Agent Console - Network Calls | AGENT_REMOTE_NETWORK_CALLS |
| Explore / Metrics | Manage access to Explore / Metrics | N/A | EDIT | Explore | EXPLORE |
| Explore / Metrics | Manage access to Explore / Metrics | Metric querying with Explore | READ | Explore | EXPLORE |
| Explore / Metrics | Manage access to Explore / Metrics | Share metrics grouping with the team | TOGGLE | Shared Groupings with Team | GROUPINGS_TEAM_SHARING |
| Integrations | N/A | Modify custom integrations in spotlight | EDIT | Custom Integrations | Integrations created by the user manually, before the system automatic detection triggered |
| Integrations | N/A | Access custom integrations in spotlight | READ | Custom Integrations | Integrations created by the user manually, before the system automatic detection triggered |
| Integrations | N/A | Access Helm-renderer component | READ | Helm Renderer | HELM_RENDERER |
| Integrations | N/A | View discovered infrastructure | READ | Infrastructure | INFRASTRUCTURE |
| Integrations | N/A | View discovered workload integrations | READ | Integrations | INTEGRATIONS |
| Integrations | N/A | Change monitoring integration type or status | EDIT | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | Access monitoring integration type or status | READ | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | Change monitoring integration status to Pending Metrics | VALIDATE | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | N/A | READ | Providers | PROVIDERS |
| Integrations | N/A | Access spotlight | READ | Spotlight | SPOTLIGHT |
| Settings | N/A | Get agent access key (required for agent installation) | READ | Agent Installation | AGENT_INSTALLATION |
| Settings | N/A | List alert downtimes for the customer | READ | Alert Downtimes | DOWNTIMES |
| Settings | N/A | Reset users API token in scope of a team | EDIT | API Access Token | API_TOKEN |
| Settings | N/A | Access users API token in scope of a team | READ | API Access Token | API_TOKEN |
| Settings | N/A | View your API token | VIEW | API Access Token | API_TOKEN |
| Settings | N/A | Access AWS settings | READ | AWS Settings | AWS_SETTINGS |
| Settings | N/A | Access event forwarding configuration | READ | Events Forwarder | EVENTS_FORWARDER |
| Settings | N/A | Access global notification channels | READ | Global Notification Channels | GLOBAL_NOTIFICATION_CHANNELS |
| Settings | N/A | Modify notification channels in scope of a team | EDIT | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access notification channels in scope of a team | READ | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Modify service accounts in scope of a team | EDIT | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access service accounts in scope of a team | READ | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access customer subscription details | READ | Subscriptions | SUBSCRIPTIONS |
| Settings | N/A | View Sysdig storage configuration | READ | Sysdig Storage | SYSDIG_STORAGE |
| Settings | N/A | Modify team settings without the ability to modify team membership for users | MANAGE | Teams | TEAMS |
Advanced User
| categoryDescription | description | action | itemDisplayName | itemDescription |
|---|---|---|---|---|
| Manage access to Advisor | Access Advisor | READ | Advisor | OVERVIEWS |
| Manage access to Advisor | Kubernetes API feature | READ | Kubernetes API | KUBERNETES_API_COMMANDS |
| Manage access to Advisor | Access Live Logs feature | VIEW | Live Logs | LIVELOGS |
| Manage access to Alerts | Acknowledge an event triggerred by an alert in the events feed in scope of a team | EDIT | Alert Events | ALERT_EVENTS |
| Manage access to Alerts | Access the events generated by triggered alerts in scope of a team | READ | Alert Events | ALERT_EVENTS |
| Manage access to Alerts | Modify alerts in scope of a team | EDIT | Alerts | ALERTS |
| Manage access to Alerts | Access the alerts in scope of a team | READ | Alerts | ALERTS |
| Manage access to Captures / Investigate | Modify captures | EDIT | Captures | CAPTURES |
| Manage access to Captures / Investigate | Access captures | READ | Captures | CAPTURES |
| Manage access to Captures / Investigate | View captures in the UI | VIEW | Captures | CAPTURES |
| Manage access to dashboards | N/A | READ | Dashboard Metrics Data | DASHBOARD_METRICS_DATA |
| Manage access to dashboards | Modify dashboards in scope of a team | EDIT | Dashboards | DASHBOARDS |
| Manage access to dashboards | Access dashboards in scope of a team | READ | Dashboards | DASHBOARDS |
| Manage access to Data Settings | Create and edit custom groupings | EDIT | Groupings | GROUPINGS |
| Manage access to Data Settings | Access default and custom groupings | READ | Groupings | GROUPINGS |
| Manage access to Data Settings | Access metrics data | READ | Metrics Data | METRICS_DATA |
| Manage access to Data Settings | Access metrics descriptors | READ | Metrics Descriptors | METRICS_DESCRIPTORS |
| Manage access to Data Settings | Access Prometheus metrics and labels | READ | PromQL Metadata | PROMQL_METADATA |
| Manage access to Events | Acknowledge the infrastructure and other events created by Sysdig Agent or Sysdig API | EDIT | Custom Events | Infrastructure events or events created via API |
| Manage access to Events | Access the infrastructure and other events created by Sysdig Agent or Sysdig API | READ | Custom Events | Infrastructure events or events created via API |
| Manage access to Explore / Metrics | Use Agent Console commands | VIEW | Agent Console | AGENT_CLI |
| Manage access to Explore / Metrics | Use Agent Console commands which access agent status | READ | Agent Console - Agent Status | AGENT_STATUS |
| Manage access to Explore / Metrics | Use Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwords | VIEW | Agent Console - Configuration | AGENT_CONFIGURATION |
| Manage access to Explore / Metrics | Use Agent Console commands which make network calls to remote pods and endpoints | EXEC | Agent Console - Network Calls | AGENT_REMOTE_NETWORK_CALLS |
| Manage access to Explore / Metrics | N/A | EDIT | Explore | EXPLORE |
| Manage access to Explore / Metrics | Metric querying with Explore | READ | Explore | EXPLORE |
| Manage access to Explore / Metrics | Share metrics grouping with the team | TOGGLE | Shared Groupings with Team | GROUPINGS_TEAM_SHARING |
| N/A | Modify custom integrations in spotlight | EDIT | Custom Integrations | Integrations created by the user manually, before the system automatic detection triggered |
| N/A | Access custom integrations in spotlight | READ | Custom Integrations | Integrations created by the user manually, before the system automatic detection triggered |
| N/A | Access Helm-renderer component | READ | Helm Renderer | HELM_RENDERER |
| N/A | View discovered infrastructure | READ | Infrastructure | INFRASTRUCTURE |
| N/A | View discovered workload integrations | READ | Integrations | INTEGRATIONS |
| N/A | Change monitoring integration type or status | EDIT | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| N/A | Access monitoring integration type or status | READ | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| N/A | Change monitoring integration status to Pending Metrics | VALIDATE | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| N/A | N/A | READ | Providers | PROVIDERS |
| N/A | Access spotlight | READ | Spotlight | SPOTLIGHT |
| N/A | Get agent access key (required for agent installation) | READ | Agent Installation | AGENT_INSTALLATION |
| N/A | List alert downtimes for the customer | READ | Alert Downtimes | DOWNTIMES |
| N/A | Reset users API token in scope of a team | EDIT | API Access Token | API_TOKEN |
| N/A | Access users API token in scope of a team | READ | API Access Token | API_TOKEN |
| N/A | View your API token | VIEW | API Access Token | API_TOKEN |
| N/A | Access AWS settings | READ | AWS Settings | AWS_SETTINGS |
| N/A | Access event forwarding configuration | READ | Events Forwarder | EVENTS_FORWARDER |
| N/A | Access global notification channels | READ | Global Notification Channels | GLOBAL_NOTIFICATION_CHANNELS |
| N/A | Modify notification channels in scope of a team | EDIT | Notification Channels | NOTIFICATION_CHANNELS |
| N/A | Access notification channels in scope of a team | READ | Notification Channels | NOTIFICATION_CHANNELS |
| N/A | Access service accounts in scope of a team | READ | Service Accounts | SERVICE_ACCOUNTS |
| N/A | Access customer subscription details | READ | Subscriptions | SUBSCRIPTIONS |
| N/A | View Sysdig storage configuration | READ | Sysdig Storage | SYSDIG_STORAGE |
Sysdig Secure Team Roles
Standard User
| categoryName | categoryDescription | description | action | itemDisplayName | itemDescription |
|---|---|---|---|---|---|
| Advisor | Manage access to Advisor | Kubernetes API feature | READ | Kubernetes API | KUBERNETES_API_COMMANDS |
| Advisor | Manage access to Advisor | Access Live Logs feature | VIEW | Live Logs | LIVELOGS |
| Alerts | Manage access to Alerts | Access the alerts in scope of a team | READ | Alerts | ALERTS |
| Captures / Investigate | Manage access to Captures / Investigate | Access captures | READ | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | View captures in the UI | VIEW | Captures | CAPTURES |
| Data Access Settings | Manage access to Data Settings | Create and edit custom groupings | EDIT | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access default and custom groupings | READ | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access metrics data | READ | Metrics Data | METRICS_DATA |
| Data Access Settings | Manage access to Data Settings | Access metrics descriptors | READ | Metrics Descriptors | METRICS_DESCRIPTORS |
| Events | Manage access to Events | Access the infrastructure and other events created by Sysdig Agent or Sysdig API | READ | Custom Events | Infrastructure events or events created via API |
| Events | Manage access to Events | Access policy events | READ | Policy Events | POLICY_EVENTS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands | VIEW | Agent Console | AGENT_CLI |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which access agent status | READ | Agent Console - Agent Status | AGENT_STATUS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwords | VIEW | Agent Console - Configuration | AGENT_CONFIGURATION |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which make network calls to remote pods and endpoints | EXEC | Agent Console - Network Calls | AGENT_REMOTE_NETWORK_CALLS |
| Explore / Metrics | Manage access to Explore / Metrics | Metric querying with Explore | READ | Explore | EXPLORE |
| Explore / Metrics | Manage access to Explore / Metrics | Share metrics grouping with the team | TOGGLE | Shared Groupings with Team | GROUPINGS_TEAM_SHARING |
| Integrations | N/A | Access Helm-renderer component | READ | Helm Renderer | HELM_RENDERER |
| Integrations | N/A | View discovered infrastructure | READ | Infrastructure | INFRASTRUCTURE |
| Integrations | N/A | Access monitoring integration type or status | READ | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | N/A | READ | Providers | PROVIDERS |
| Policies | Manage Access to Policy Configurations | View Posture policies | READ | Posture Policies | POSTURE_POLICIES |
| Policies | Manage Access to Policy Configurations | View Posture Controls | READ | Posture Controls | POSTURE_CONTROLS |
| Policies | Manage Access to Policy Configurations | View Zones that are assigned to current team | READ | Zones | ZONES |
| Posture | Manage Access to Posture Results and responses | Access Compliance results | READ | Compliance | COMPLIANCE_RESULTS |
| Posture | Manage Access to Posture Results and responses | Access to Posture Risk Acceptance management page | READ | Risk Acceptance | POSTURE_RISK_ACCEPTANCE |
| Posture | Manage Access to Posture Results and responses | Create and modify scheduled Legacy benchmark and compliance tasks | EDIT | Legacy Benchmark Tasks | BENCHMARK_TASKS |
| Posture | Manage Access to Posture Results and responses | Access scheduled Legacy benchmark tasks | READ | Legacy Benchmark Tasks | BENCHMARK_TASKS |
| Posture | Manage Access to Posture Results and responses | Access Legacy benchmark results | READ | Legacy Benchmarks | BENCHMARKS |
| Posture | Manage Access to Posture Results and responses | Access Legacy Compliance tasks and reports | READ | Legacy Compliance | COMPLIANCE |
| Risk | Manage access to Risks and Attack Path | Read Risks | READ | Risks | RISKS |
| Scanning | Manage access to Scanning | Import scanning images | EDIT | Image Import | SECURE_IMPORT_IMAGES |
| Scanning | Manage access to Scanning | Read scan results | READ | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Access scanning alerts | READ | Scanning Alerts | SECURE_ALERTS |
| Scanning | Manage access to Scanning | Create scanning events | CREATE | Scanning Image Results | SECURE_IMAGES |
| Scanning | Manage access to Scanning | List scanning images | READ | Scanning Image Results | SECURE_IMAGES |
| Scanning | Manage access to Scanning | Query runtime containers API | EDIT | Scanning Runtime | SECURE_QUERY_CONTAINERS |
| Scanning | Manage access to Scanning | View and download existing reports | READ | Scanning Scheduled Reports | SECURE_REPORTS |
| Scanning | Manage access to Scanning | Access the trusted images list | READ | Scanning Trusted Images | SECURE_WHITELIST_IMAGES |
| Scanning | Manage access to Scanning | Access the untrusted images list | READ | Scanning Untrusted Images | SECURE_BLACKLIST_IMAGES |
| Scanning | Manage access to Scanning | Access vulnerability exceptions | READ | Scanning Vulnerability Exceptions | SECURE_WHITELIST |
| Settings | N/A | Get agent access key (required for agent installation) | READ | Agent Installation | AGENT_INSTALLATION |
| Settings | N/A | Reset users API token in scope of a team | EDIT | API Access Token | API_TOKEN |
| Settings | N/A | Access users API token in scope of a team | READ | API Access Token | API_TOKEN |
| Settings | N/A | View your API token | VIEW | API Access Token | API_TOKEN |
| Settings | N/A | Access AWS settings | READ | AWS Settings | AWS_SETTINGS |
| Settings | N/A | Access cloud accounts | READ | Cloud Accounts | CLOUD_ACCOUNTS |
| Settings | N/A | Access global notification channels | READ | Global Notification Channels | GLOBAL_NOTIFICATION_CHANNELS |
| Settings | N/A | Access IAC results | READ | IAC | IAC |
| Settings | N/A | Access notification channels in scope of a team | READ | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access service accounts in scope of a team | READ | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access customer subscription details | READ | Subscriptions | SUBSCRIPTIONS |
| Settings | N/A | Modify Sysdig Secure configuration | EDIT | Sysdig Secure Settings | SECURE_SETTINGS |
| Settings | N/A | View Sysdig storage configuration | READ | Sysdig Storage | SYSDIG_STORAGE |
Service Manager
| categoryName | categoryDescription | description | action | itemDisplayName | itemDescription |
|---|---|---|---|---|---|
| Advisor | Manage access to Advisor | Kubernetes API feature | READ | Kubernetes API | KUBERNETES_API_COMMANDS |
| Advisor | Manage access to Advisor | Access Live Logs feature | VIEW | Live Logs | LIVELOGS |
| Alerts | Manage access to Alerts | Access the alerts in scope of a team | READ | Alerts | ALERTS |
| Captures / Investigate | Manage access to Captures / Investigate | Access captures | READ | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | View captures in the UI | VIEW | Captures | CAPTURES |
| Data Access Settings | Manage access to Data Settings | Create and edit custom groupings | EDIT | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access default and custom groupings | READ | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access metrics data | READ | Metrics Data | METRICS_DATA |
| Data Access Settings | Manage access to Data Settings | Access metrics descriptors | READ | Metrics Descriptors | METRICS_DESCRIPTORS |
| Events | Manage access to Events | Access the infrastructure and other events created by Sysdig Agent or Sysdig API | READ | Custom Events | Infrastructure events or events created via API |
| Events | Manage access to Events | Access policy events | READ | Policy Events | POLICY_EVENTS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands | VIEW | Agent Console | AGENT_CLI |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which access agent status | READ | Agent Console - Agent Status | AGENT_STATUS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwords | VIEW | Agent Console - Configuration | AGENT_CONFIGURATION |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which make network calls to remote pods and endpoints | EXEC | Agent Console - Network Calls | AGENT_REMOTE_NETWORK_CALLS |
| Explore / Metrics | Manage access to Explore / Metrics | Metric querying with Explore | READ | Explore | EXPLORE |
| Explore / Metrics | Manage access to Explore / Metrics | Share metrics grouping with the team | TOGGLE | Shared Groupings with Team | GROUPINGS_TEAM_SHARING |
| Integrations | N/A | Access Helm-renderer component | READ | Helm Renderer | HELM_RENDERER |
| Integrations | N/A | View discovered infrastructure | READ | Infrastructure | INFRASTRUCTURE |
| Integrations | N/A | Access monitoring integration type or status | READ | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | N/A | READ | Providers | PROVIDERS |
| Policies | Manage Access to Policy Configurations | View Posture policies | READ | Posture Policies | POSTURE_POLICIES |
| Policies | Manage Access to Policy Configurations | View Posture Controls | READ | Posture Controls | POSTURE_CONTROLS |
| Policies | Manage Access to Policy Configurations | View Zones that are assigned to current team | READ | Zones | ZONES |
| Posture | Manage Access to Posture Results and responses | Access Compliance results | READ | Compliance | COMPLIANCE_RESULTS |
| Posture | Manage Access to Posture Results and responses | Access to Posture Risk Acceptance management page | READ | Risk Acceptance | POSTURE_RISK_ACCEPTANCE |
| Posture | Manage Access to Posture Results and responses | Create and modify scheduled Legacy benchmark and compliance tasks | EDIT | Legacy Benchmark Tasks | BENCHMARK_TASKS |
| Posture | Manage Access to Posture Results and responses | Access scheduled Legacy benchmark tasks | READ | Legacy Benchmark Tasks | BENCHMARK_TASKS |
| Posture | Manage Access to Posture Results and responses | Access Legacy benchmark results | READ | Legacy Benchmarks | BENCHMARKS |
| Posture | Manage Access to Posture Results and responses | Access Legacy Compliance tasks and reports | READ | Legacy Compliance | COMPLIANCE |
| Risk | Manage access to Risks and Attack Path | Read Risks | READ | Risks | RISKS |
| Scanning | Manage access to Scanning | Import scanning images | EDIT | Image Import | SECURE_IMPORT_IMAGES |
| Scanning | Manage access to Scanning | Execute backend scanning | EXEC | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Read scan results | READ | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Modify scanning alerts and registry credentials | WRITE | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Modify scanning alerts | EDIT | Scanning Alerts | SECURE_ALERTS |
| Scanning | Manage access to Scanning | Access scanning alerts | READ | Scanning Alerts | SECURE_ALERTS |
| Scanning | Manage access to Scanning | Create scanning events | CREATE | Scanning Image Results | SECURE_IMAGES |
| Scanning | Manage access to Scanning | List scanning images | READ | Scanning Image Results | SECURE_IMAGES |
| Scanning | Manage access to Scanning | Access policy mappings | READ | Scanning Policy Assignments | SECURE_MAPPINGS |
| Scanning | Manage access to Scanning | Query runtime containers API | EDIT | Scanning Runtime | SECURE_QUERY_CONTAINERS |
| Scanning | Manage access to Scanning | View and download existing reports | READ | Scanning Scheduled Reports | SECURE_REPORTS |
| Scanning | Manage access to Scanning | Access the trusted images list | READ | Scanning Trusted Images | SECURE_WHITELIST_IMAGES |
| Scanning | Manage access to Scanning | Access the untrusted images list | READ | Scanning Untrusted Images | SECURE_BLACKLIST_IMAGES |
| Scanning | Manage access to Scanning | Access vulnerability exceptions | READ | Scanning Vulnerability Exceptions | SECURE_WHITELIST |
| Settings | N/A | Get agent access key (required for agent installation) | READ | Agent Installation | AGENT_INSTALLATION |
| Settings | N/A | Reset users API token in scope of a team | EDIT | API Access Token | API_TOKEN |
| Settings | N/A | Access users API token in scope of a team | READ | API Access Token | API_TOKEN |
| Settings | N/A | View your API token | VIEW | API Access Token | API_TOKEN |
| Settings | N/A | Access AWS settings | READ | AWS Settings | AWS_SETTINGS |
| Settings | N/A | Access cloud accounts | READ | Cloud Accounts | CLOUD_ACCOUNTS |
| Settings | N/A | Access global notification channels | READ | Global Notification Channels | GLOBAL_NOTIFICATION_CHANNELS |
| Settings | N/A | Access IAC results | READ | IAC | IAC |
| Settings | N/A | Modify notification channels in scope of a team | EDIT | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access notification channels in scope of a team | READ | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access service accounts in scope of a team | READ | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access customer subscription details | READ | Subscriptions | SUBSCRIPTIONS |
| Settings | N/A | Modify Sysdig Secure configuration | EDIT | Sysdig Secure Settings | SECURE_SETTINGS |
| Settings | N/A | View Sysdig storage configuration | READ | Sysdig Storage | SYSDIG_STORAGE |
| Settings | N/A | Invite other users to the teams | EDIT | Team Membership | TEAM_MEMBERSHIP |
| Settings | N/A | Access team members | READ | Team Membership | TEAM_MEMBERSHIP |
| Settings | N/A | Modify team members roles | EDIT | Team Membership Roles | TEAM_MEMBERSHIP_ROLE |
| Settings | N/A | Modify team settings without the ability to modify team membership for users | MANAGE | Teams | TEAMS |
| Settings | N/A | N/A | READ | Teams | TEAMS |
| Settings | N/A | Access existing users data | READ | Users | USERS |
View Only
| categoryName | categoryDescription | description | action | itemDisplayName | itemDescription |
|---|---|---|---|---|---|
| Advisor | Manage access to Advisor | Kubernetes API feature | READ | Kubernetes API | KUBERNETES_API_COMMANDS |
| Advisor | Manage access to Advisor | Access Live Logs feature | VIEW | Live Logs | LIVELOGS |
| Alerts | Manage access to Alerts | Access the alerts in scope of a team | READ | Alerts | ALERTS |
| Captures / Investigate | Manage access to Captures / Investigate | Access activity audit commands | READ | Activity Audit Commands | COMMANDS |
| Captures / Investigate | Manage access to Captures / Investigate | Access captures | READ | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | View captures in the UI | VIEW | Captures | CAPTURES |
| Data Access Settings | Manage access to Data Settings | Create and edit custom groupings | EDIT | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access default and custom groupings | READ | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access metrics data | READ | Metrics Data | METRICS_DATA |
| Data Access Settings | Manage access to Data Settings | Access metrics descriptors | READ | Metrics Descriptors | METRICS_DESCRIPTORS |
| Events | Manage access to Events | Access the infrastructure and other events created by Sysdig Agent or Sysdig API | READ | Custom Events | Infrastructure events or events created via API |
| Events | Manage access to Events | Access policy events | READ | Policy Events | POLICY_EVENTS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands | VIEW | Agent Console | AGENT_CLI |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which access agent status | READ | Agent Console - Agent Status | AGENT_STATUS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwords | VIEW | Agent Console - Configuration | AGENT_CONFIGURATION |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which make network calls to remote pods and endpoints | EXEC | Agent Console - Network Calls | AGENT_REMOTE_NETWORK_CALLS |
| Explore / Metrics | Manage access to Explore / Metrics | Metric querying with Explore | READ | Explore | EXPLORE |
| Integrations | N/A | Access Helm-renderer component | READ | Helm Renderer | HELM_RENDERER |
| Integrations | N/A | View discovered infrastructure | READ | Infrastructure | INFRASTRUCTURE |
| Integrations | N/A | Access monitoring integration type or status | READ | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | N/A | READ | Providers | PROVIDERS |
| INTERNAL_UNCATEGORIZED | INTERNAL_UNCATEGORIZED | N/A | READ | Audit Policies | SECURE_AUDIT_POLICIES |
| Network Security | N/A | Access Kubernetes Network Security policy advisor | READ | Network Security | NETSEC |
| Policies | Manage Access to Policy Configurations | View Posture policies | READ | Posture Policies | POSTURE_POLICIES |
| Policies | Manage Access to Policy Configurations | View Posture Controls | READ | Posture Controls | POSTURE_CONTROLS |
| Policies | Manage Access to Policy Configurations | View Zones that are assigned to current team | READ | Zones | ZONES |
| Policies | N/A | View existing image profiles | READ | Image profiling | PROFILING |
| Policies | N/A | Access policies | READ | Policies | POLICIES |
| Policies | N/A | Read PSP advisor simulations | READ | Policy Advisor | PADVISOR |
| Posture | Manage Access to Posture Results and responses | Access Compliance results | READ | Compliance | COMPLIANCE_RESULTS |
| Posture | Manage Access to Posture Results and responses | Access to Posture Risk Acceptance management page | READ | Risk Acceptance | POSTURE_RISK_ACCEPTANCE |
| Posture | Manage Access to Posture Results and responses | Create and modify scheduled Legacy benchmark and compliance tasks | EDIT | Legacy Benchmark Tasks | BENCHMARK_TASKS |
| Posture | Manage Access to Posture Results and responses | Access scheduled Legacy benchmark tasks | READ | Legacy Benchmark Tasks | BENCHMARK_TASKS |
| Posture | Manage Access to Posture Results and responses | Access Legacy benchmark results | READ | Legacy Benchmarks | BENCHMARKS |
| Posture | Manage Access to Posture Results and responses | Access Legacy Compliance tasks and reports | READ | Legacy Compliance | COMPLIANCE |
| Scanning | Manage access to Scanning | Read scan results | READ | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Access scanning alerts | READ | Scanning Alerts | SECURE_ALERTS |
| Scanning | Manage access to Scanning | List scanning images | READ | Scanning Image Results | SECURE_IMAGES |
| Scanning | Manage access to Scanning | Access security policies | READ | Scanning Policies | SECURE_POLICY |
| Scanning | Manage access to Scanning | Access policy mappings | READ | Scanning Policy Assignments | SECURE_MAPPINGS |
| Scanning | Manage access to Scanning | List container registries | READ | Scanning Registry Credentials | SECURE_REGISTRY |
| Scanning | Manage access to Scanning | Query runtime containers API | EDIT | Scanning Runtime | SECURE_QUERY_CONTAINERS |
| Scanning | Manage access to Scanning | View and download existing reports | READ | Scanning Scheduled Reports | SECURE_REPORTS |
| Scanning | Manage access to Scanning | Access the trusted images list | READ | Scanning Trusted Images | SECURE_WHITELIST_IMAGES |
| Scanning | Manage access to Scanning | Access the untrusted images list | READ | Scanning Untrusted Images | SECURE_BLACKLIST_IMAGES |
| Scanning | Manage access to Scanning | Access vulnerability exceptions | READ | Scanning Vulnerability Exceptions | SECURE_WHITELIST |
| Settings | N/A | Get agent access key (required for agent installation) | READ | Agent Installation | AGENT_INSTALLATION |
| Settings | N/A | Reset users API token in scope of a team | EDIT | API Access Token | API_TOKEN |
| Settings | N/A | Access users API token in scope of a team | READ | API Access Token | API_TOKEN |
| Settings | N/A | View your API token | VIEW | API Access Token | API_TOKEN |
| Settings | N/A | Access AWS settings | READ | AWS Settings | AWS_SETTINGS |
| Settings | N/A | Access cloud accounts | READ | Cloud Accounts | CLOUD_ACCOUNTS |
| Settings | N/A | Access global notification channels | READ | Global Notification Channels | GLOBAL_NOTIFICATION_CHANNELS |
| Settings | N/A | Access IAC results | READ | IAC | IAC |
| Settings | N/A | Access notification channels in scope of a team | READ | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access service accounts in scope of a team | READ | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access customer subscription details | READ | Subscriptions | SUBSCRIPTIONS |
| Settings | N/A | Modify Sysdig Secure configuration | EDIT | Sysdig Secure Settings | SECURE_SETTINGS |
| Settings | N/A | View Sysdig storage configuration | READ | Sysdig Storage | SYSDIG_STORAGE |
Team Manager
| categoryName | categoryDescription | description | action | itemDisplayName | itemDescription |
|---|---|---|---|---|---|
| Advisor | Manage access to Advisor | Kubernetes API feature | READ | Kubernetes API | KUBERNETES_API_COMMANDS |
| Advisor | Manage access to Advisor | Access Live Logs feature | VIEW | Live Logs | LIVELOGS |
| Alerts | Manage access to Alerts | Modify alerts in scope of a team | EDIT | Alerts | ALERTS |
| Alerts | Manage access to Alerts | Access the alerts in scope of a team | READ | Alerts | ALERTS |
| Captures / Investigate | Manage access to Captures / Investigate | Access activity audit commands | READ | Activity Audit Commands | COMMANDS |
| Captures / Investigate | Manage access to Captures / Investigate | Modify captures | EDIT | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | Access captures | READ | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | View captures in the UI | VIEW | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | Use rapid response | EXEC | Rapid Response | RAPID_RESPONSE |
| Data Access Settings | Manage access to Data Settings | Access data stream configuration | READ | Datastream | DATASTREAM |
| Data Access Settings | Manage access to Data Settings | Create and edit custom groupings | EDIT | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access default and custom groupings | READ | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access metrics data | READ | Metrics Data | METRICS_DATA |
| Data Access Settings | Manage access to Data Settings | Access metrics descriptors | READ | Metrics Descriptors | METRICS_DESCRIPTORS |
| Events | Manage access to Events | Access the infrastructure and other events created by Sysdig Agent or Sysdig API | READ | Custom Events | Infrastructure events or events created via API |
| Events | Manage access to Events | Access policy events | READ | Policy Events | POLICY_EVENTS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands | VIEW | Agent Console | AGENT_CLI |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which access agent status | READ | Agent Console - Agent Status | AGENT_STATUS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwords | VIEW | Agent Console - Configuration | AGENT_CONFIGURATION |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which make network calls to remote pods and endpoints | EXEC | Agent Console - Network Calls | AGENT_REMOTE_NETWORK_CALLS |
| Explore / Metrics | Manage access to Explore / Metrics | N/A | EDIT | Explore | EXPLORE |
| Explore / Metrics | Manage access to Explore / Metrics | Metric querying with Explore | READ | Explore | EXPLORE |
| Explore / Metrics | Manage access to Explore / Metrics | Share metrics grouping with the team | TOGGLE | Shared Groupings with Team | GROUPINGS_TEAM_SHARING |
| Integrations | N/A | Access Helm-renderer component | READ | Helm Renderer | HELM_RENDERER |
| Integrations | N/A | View discovered infrastructure | READ | Infrastructure | INFRASTRUCTURE |
| Integrations | N/A | Access monitoring integration type or status | READ | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | N/A | READ | Providers | PROVIDERS |
| INTERNAL_UNCATEGORIZED | INTERNAL_UNCATEGORIZED | N/A | READ | Audit Policies | SECURE_AUDIT_POLICIES |
| Network Security | N/A | Access Kubernetes Network Security policy advisor | READ | Network Security | NETSEC |
| Policies | Manage Access to Policy Configurations | View and Edit All Zones | EDIT | Zones | ZONES |
| Policies | Manage Access to Policy Configurations | View and Edit Posture policies | EDIT | Posture Policies | POSTURE_POLICIES |
| Policies | Manage Access to Policy Configurations | View and Edit Posture Controls | EDIT | Posture Controls | POSTURE_CONTROLS |
| Policies | N/A | Execute image profiling | EXEC | Image profiling | PROFILING |
| Policies | N/A | View existing image profiles | READ | Image profiling | PROFILING |
| Policies | N/A | Write image profiles | WRITE | Image profiling | PROFILING |
| Policies | N/A | Modify policies | EDIT | Policies | POLICIES |
| Policies | N/A | Access policies | READ | Policies | POLICIES |
| Policies | N/A | Execute PSP advisor simulation | EXEC | Policy Advisor | PADVISOR |
| Policies | N/A | Read PSP advisor simulations | READ | Policy Advisor | PADVISOR |
| Policies | N/A | Create PSP advisor simulation | WRITE | Policy Advisor | PADVISOR |
| Posture | Manage Access to Posture Results and Responses | Access Compliance results | READ | Compliance | COMPLIANCE_RESULTS |
| Posture | Access to Posture Results and Responses | Access and modify Posture Risk Acceptance | EDIT | Risk Acceptance | POSTURE_RISK_ACCEPTANCE |
| Posture | Access to Posture Results and Responses | Setup Pull Requests from posture remediation panel | EDIT | Open PR | POSTURE_OPEN_PR |
| Posture | Access to Posture Results and Responses | Access, Create and modify scheduled Legacy benchmark and compliance tasks | EDIT | Legacy Benchmark Tasks | BENCHMARK_TASKS |
| Posture | Access to Posture Results and Responses | Access Legacy benchmark results | READ | Legacy Benchmarks | BENCHMARKS |
| Posture | Access to Posture Results and Responses | Access Legacy Compliance tasks and reports | READ | Legacy Compliance | COMPLIANCE |
| Risk | Manage access to Risks and Attack Path | Read Risks | READ | Risks | RISKS |
| Scanning | Manage access to Scanning | Import scanning images | EDIT | Image Import | SECURE_IMPORT_IMAGES |
| Scanning | Manage access to Scanning | Execute backend scanning | EXEC | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Read scan results | READ | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Modify scanning alerts and registry credentials | WRITE | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Modify scanning alerts | EDIT | Scanning Alerts | SECURE_ALERTS |
| Scanning | Manage access to Scanning | Access scanning alerts | READ | Scanning Alerts | SECURE_ALERTS |
| Scanning | Manage access to Scanning | Create scanning events | CREATE | Scanning Image Results | SECURE_IMAGES |
| Scanning | Manage access to Scanning | List scanning images | READ | Scanning Image Results | SECURE_IMAGES |
| Scanning | Manage access to Scanning | Modify security policies | EDIT | Scanning Policies | SECURE_POLICY |
| Scanning | Manage access to Scanning | Access security policies | READ | Scanning Policies | SECURE_POLICY |
| Scanning | Manage access to Scanning | Create and modify policy mappings | EDIT | Scanning Policy Assignments | SECURE_MAPPINGS |
| Scanning | Manage access to Scanning | Access policy mappings | READ | Scanning Policy Assignments | SECURE_MAPPINGS |
| Scanning | Manage access to Scanning | Create and modify container registries configuration | EDIT | Scanning Registry Credentials | SECURE_REGISTRY |
| Scanning | Manage access to Scanning | List container registries | READ | Scanning Registry Credentials | SECURE_REGISTRY |
| Scanning | Manage access to Scanning | Query runtime containers API | EDIT | Scanning Runtime | SECURE_QUERY_CONTAINERS |
| Scanning | Manage access to Scanning | Create and modify reports | EDIT | Scanning Scheduled Reports | SECURE_REPORTS |
| Scanning | Manage access to Scanning | View and download existing reports | READ | Scanning Scheduled Reports | SECURE_REPORTS |
| Scanning | Manage access to Scanning | Modify the trusted images list | EDIT | Scanning Trusted Images | SECURE_WHITELIST_IMAGES |
| Scanning | Manage access to Scanning | Access the trusted images list | READ | Scanning Trusted Images | SECURE_WHITELIST_IMAGES |
| Scanning | Manage access to Scanning | Modify the untrusted images list | EDIT | Scanning Untrusted Images | SECURE_BLACKLIST_IMAGES |
| Scanning | Manage access to Scanning | Access the untrusted images list | READ | Scanning Untrusted Images | SECURE_BLACKLIST_IMAGES |
| Scanning | Manage access to Scanning | Edit vulnerability exceptions | EDIT | Scanning Vulnerability Exceptions | SECURE_WHITELIST |
| Scanning | Manage access to Scanning | Access vulnerability exceptions | READ | Scanning Vulnerability Exceptions | SECURE_WHITELIST |
| Settings | N/A | Get agent access key (required for agent installation) | READ | Agent Installation | AGENT_INSTALLATION |
| Settings | N/A | Reset users API token in scope of a team | EDIT | API Access Token | API_TOKEN |
| Settings | N/A | Access users API token in scope of a team | READ | API Access Token | API_TOKEN |
| Settings | N/A | View your API token | VIEW | API Access Token | API_TOKEN |
| Settings | N/A | Access AWS settings | READ | AWS Settings | AWS_SETTINGS |
| Settings | N/A | Access cloud accounts | READ | Cloud Accounts | CLOUD_ACCOUNTS |
| Settings | N/A | Access global notification channels | READ | Global Notification Channels | GLOBAL_NOTIFICATION_CHANNELS |
| Settings | N/A | Access IAC results | READ | IAC | IAC |
| Settings | N/A | Modify notification channels in scope of a team | EDIT | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access notification channels in scope of a team | READ | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Modify service accounts in scope of a team | EDIT | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access service accounts in scope of a team | READ | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access customer subscription details | READ | Subscriptions | SUBSCRIPTIONS |
| Settings | N/A | Modify Sysdig Secure configuration | EDIT | Sysdig Secure Settings | SECURE_SETTINGS |
| Settings | N/A | View Sysdig storage configuration | READ | Sysdig Storage | SYSDIG_STORAGE |
| Settings | N/A | Modify team settings without the ability to modify team membership for users | MANAGE | Teams | TEAMS |
Advanced User
| categoryName | categoryDescription | description | action | itemDisplayName | itemDescription |
|---|---|---|---|---|---|
| Advisor | Manage access to Advisor | Kubernetes API feature | READ | Kubernetes API | KUBERNETES_API_COMMANDS |
| Advisor | Manage access to Advisor | Access Live Logs feature | VIEW | Live Logs | LIVELOGS |
| Alerts | Manage access to Alerts | Modify alerts in scope of a team | EDIT | Alerts | ALERTS |
| Alerts | Manage access to Alerts | Access the alerts in scope of a team | READ | Alerts | ALERTS |
| Captures / Investigate | Manage access to Captures / Investigate | Access activity audit commands | READ | Activity Audit Commands | COMMANDS |
| Captures / Investigate | Manage access to Captures / Investigate | Modify captures | EDIT | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | Access captures | READ | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | View captures in the UI | VIEW | Captures | CAPTURES |
| Captures / Investigate | Manage access to Captures / Investigate | Use rapid response | EXEC | Rapid Response | RAPID_RESPONSE |
| Data Access Settings | Manage access to Data Settings | Access data stream configuration | READ | Datastream | DATASTREAM |
| Data Access Settings | Manage access to Data Settings | Create and edit custom groupings | EDIT | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access default and custom groupings | READ | Groupings | GROUPINGS |
| Data Access Settings | Manage access to Data Settings | Access metrics data | READ | Metrics Data | METRICS_DATA |
| Data Access Settings | Manage access to Data Settings | Access metrics descriptors | READ | Metrics Descriptors | METRICS_DESCRIPTORS |
| Events | Manage access to Events | Access the infrastructure and other events created by Sysdig Agent or Sysdig API | READ | Custom Events | Infrastructure events or events created via API |
| Events | Manage access to Events | Access policy events | READ | Policy Events | POLICY_EVENTS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands | VIEW | Agent Console | AGENT_CLI |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which access agent status | READ | Agent Console - Agent Status | AGENT_STATUS |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwords | VIEW | Agent Console - Configuration | AGENT_CONFIGURATION |
| Explore / Metrics | Manage access to Explore / Metrics | Use Agent Console commands which make network calls to remote pods and endpoints | EXEC | Agent Console - Network Calls | AGENT_REMOTE_NETWORK_CALLS |
| Explore / Metrics | Manage access to Explore / Metrics | N/A | EDIT | Explore | EXPLORE |
| Explore / Metrics | Manage access to Explore / Metrics | Metric querying with Explore | READ | Explore | EXPLORE |
| Explore / Metrics | Manage access to Explore / Metrics | Share metrics grouping with the team | TOGGLE | Shared Groupings with Team | GROUPINGS_TEAM_SHARING |
| Integrations | N/A | Access Helm-renderer component | READ | Helm Renderer | HELM_RENDERER |
| Integrations | N/A | View discovered infrastructure | READ | Infrastructure | INFRASTRUCTURE |
| Integrations | N/A | Access monitoring integration type or status | READ | Monitoring Integrations | PROMCAT_INTEGRATIONS |
| Integrations | N/A | N/A | READ | Providers | PROVIDERS |
| Network Security | N/A | Access Kubernetes Network Security policy advisor | READ | Network Security | NETSEC |
| Policies | Manage Access to Policy Configurations | View and Edit All Zones | EDIT | Zones | ZONES |
| Policies | Manage Access to Policy Configurations | View and Edit Posture policies | EDIT | Posture Policies | POSTURE_POLICIES |
| Policies | Manage Access to Policy Configurations | View and Edit Posture Controls | EDIT | Posture Controls | POSTURE_CONTROLS |
| Policies | N/A | Execute image profiling | EXEC | Image profiling | PROFILING |
| Policies | N/A | View existing image profiles | READ | Image profiling | PROFILING |
| Policies | N/A | Write image profiles | WRITE | Image profiling | PROFILING |
| Policies | N/A | Modify policies | EDIT | Policies | POLICIES |
| Policies | N/A | Access policies | READ | Policies | POLICIES |
| Policies | N/A | Execute PSP advisor simulation | EXEC | Policy Advisor | PADVISOR |
| Policies | N/A | Read PSP advisor simulations | READ | Policy Advisor | PADVISOR |
| Policies | N/A | Create PSP advisor simulation | WRITE | Policy Advisor | PADVISOR |
| Posture | Manage Access to Posture Results and Responses | Access Compliance results | READ | Compliance | COMPLIANCE_RESULTS |
| Posture | Access to Posture Results and Responses | Access and modify Posture Risk Acceptance | EDIT | Risk Acceptance | POSTURE_RISK_ACCEPTANCE |
| Posture | Access to Posture Results and Responses | Setup Pull Requests from posture remediation panel | EDIT | Open PR | POSTURE_OPEN_PR |
| Posture | Access to Posture Results and Responses | Access, Create and modify scheduled Legacy benchmark and compliance tasks | EDIT | Legacy Benchmark Tasks | BENCHMARK_TASKS |
| Posture | Access to Posture Results and Responses | Access Legacy benchmark results | READ | Legacy Benchmarks | BENCHMARKS |
| Posture | Access to Posture Results and Responses | Access Legacy Compliance tasks and reports | READ | Legacy Compliance | COMPLIANCE |
| Risk | Manage access to Risks and Attack Path | Read Risks | READ | Risks | RISKS |
| Scanning | Manage access to Scanning | Import scanning images | EDIT | Image Import | SECURE_IMPORT_IMAGES |
| Scanning | Manage access to Scanning | Execute backend scanning | EXEC | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Read scan results | READ | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Modify scanning alerts and registry credentials | WRITE | Scanning | SCANNING |
| Scanning | Manage access to Scanning | Modify scanning alerts | EDIT | Scanning Alerts | SECURE_ALERTS |
| Scanning | Manage access to Scanning | Access scanning alerts | READ | Scanning Alerts | SECURE_ALERTS |
| Scanning | Manage access to Scanning | Create scanning events | CREATE | Scanning Image Results | SECURE_IMAGES |
| Scanning | Manage access to Scanning | List scanning images | READ | Scanning Image Results | SECURE_IMAGES |
| Scanning | Manage access to Scanning | Modify security policies | EDIT | Scanning Policies | SECURE_POLICY |
| Scanning | Manage access to Scanning | Access security policies | READ | Scanning Policies | SECURE_POLICY |
| Scanning | Manage access to Scanning | Create and modify policy mappings | EDIT | Scanning Policy Assignments | SECURE_MAPPINGS |
| Scanning | Manage access to Scanning | Access policy mappings | READ | Scanning Policy Assignments | SECURE_MAPPINGS |
| Scanning | Manage access to Scanning | Create and modify container registries configuration | EDIT | Scanning Registry Credentials | SECURE_REGISTRY |
| Scanning | Manage access to Scanning | List container registries | READ | Scanning Registry Credentials | SECURE_REGISTRY |
| Scanning | Manage access to Scanning | Query runtime containers API | EDIT | Scanning Runtime | SECURE_QUERY_CONTAINERS |
| Scanning | Manage access to Scanning | Create and modify reports | EDIT | Scanning Scheduled Reports | SECURE_REPORTS |
| Scanning | Manage access to Scanning | View and download existing reports | READ | Scanning Scheduled Reports | SECURE_REPORTS |
| Scanning | Manage access to Scanning | Modify the trusted images list | EDIT | Scanning Trusted Images | SECURE_WHITELIST_IMAGES |
| Scanning | Manage access to Scanning | Access the trusted images list | READ | Scanning Trusted Images | SECURE_WHITELIST_IMAGES |
| Scanning | Manage access to Scanning | Modify the untrusted images list | EDIT | Scanning Untrusted Images | SECURE_BLACKLIST_IMAGES |
| Scanning | Manage access to Scanning | Access the untrusted images list | READ | Scanning Untrusted Images | SECURE_BLACKLIST_IMAGES |
| Scanning | Manage access to Scanning | Edit vulnerability exceptions | EDIT | Scanning Vulnerability Exceptions | SECURE_WHITELIST |
| Scanning | Manage access to Scanning | Access vulnerability exceptions | READ | Scanning Vulnerability Exceptions | SECURE_WHITELIST |
| Settings | N/A | Get agent access key (required for agent installation) | READ | Agent Installation | AGENT_INSTALLATION |
| Settings | N/A | Reset users API token in scope of a team | EDIT | API Access Token | API_TOKEN |
| Settings | N/A | Access users API token in scope of a team | READ | API Access Token | API_TOKEN |
| Settings | N/A | View your API token | VIEW | API Access Token | API_TOKEN |
| Settings | N/A | Access AWS settings | READ | AWS Settings | AWS_SETTINGS |
| Settings | N/A | Access cloud accounts | READ | Cloud Accounts | CLOUD_ACCOUNTS |
| Settings | N/A | Access global notification channels | READ | Global Notification Channels | GLOBAL_NOTIFICATION_CHANNELS |
| Settings | N/A | Access IAC results | READ | IAC | IAC |
| Settings | N/A | Modify notification channels in scope of a team | EDIT | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access notification channels in scope of a team | READ | Notification Channels | NOTIFICATION_CHANNELS |
| Settings | N/A | Access service accounts in scope of a team | READ | Service Accounts | SERVICE_ACCOUNTS |
| Settings | N/A | Access customer subscription details | READ | Subscriptions | SUBSCRIPTIONS |
| Settings | N/A | Modify Sysdig Secure configuration | EDIT | Sysdig Secure Settings | SECURE_SETTINGS |
| Settings | N/A | View Sysdig storage configuration | READ | Sysdig Storage | SYSDIG_STORAGE |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.