This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Detailed Role Permissions

    When deciding whether to use default team roles or create a custom role, it can be helpful to review the RBAC permissions that Sysdig grants to the roles of Standard User, Advanced User, etc.

    Sysdig Monitor

    Standard User

    categoryNamecategoryDescriptiondescriptionactionitemDisplayNameitemDescription
    AdvisorManage access to AdvisorAccess AdvisorREADAdvisorOVERVIEWS
    AdvisorManage access to AdvisorKubernetes API featureREADKubernetes APIKUBERNETES_API_COMMANDS
    AdvisorManage access to AdvisorAccess Live Logs featureVIEWLive LogsLIVELOGS
    AlertsManage access to AlertsAcknowledge an event triggerred by an alert in the events feed in scope of a teamEDITAlert EventsALERT_EVENTS
    AlertsManage access to AlertsAccess the events generated by triggered alerts in scope of a teamREADAlert EventsALERT_EVENTS
    AlertsManage access to AlertsModify alerts in scope of a teamEDITAlertsALERTS
    AlertsManage access to AlertsAccess the alerts in scope of a teamREADAlertsALERTS
    Captures / InvestigateManage access to Captures / InvestigateModify capturesEDITCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateAccess capturesREADCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateView captures in the UIVIEWCapturesCAPTURES
    DashboardsManage access to dashboardsN/AREADDashboard Metrics DataDASHBOARD_METRICS_DATA
    DashboardsManage access to dashboardsModify dashboards in scope of a teamEDITDashboardsDASHBOARDS
    DashboardsManage access to dashboardsAccess dashboards in scope of a teamREADDashboardsDASHBOARDS
    Data Access SettingsManage access to Data SettingsAccess data stream configurationREADDatastreamDATASTREAM
    Data Access SettingsManage access to Data SettingsCreate and edit custom groupingsEDITGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess default and custom groupingsREADGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess metrics dataREADMetrics DataMETRICS_DATA
    Data Access SettingsManage access to Data SettingsAccess metrics descriptorsREADMetrics DescriptorsMETRICS_DESCRIPTORS
    Data Access SettingsManage access to Data SettingsAccess Prometheus metrics and labelsREADPromQL MetadataPROMQL_METADATA
    EventsManage access to EventsAcknowledge the infrastructure and other events created by Sysdig Agent or Sysdig APIEDITCustom EventsInfrastructure events or events created via API
    EventsManage access to EventsAccess the infrastructure and other events created by Sysdig Agent or Sysdig APIREADCustom EventsInfrastructure events or events created via API
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commandsVIEWAgent ConsoleAGENT_CLI
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which access agent statusREADAgent Console - Agent StatusAGENT_STATUS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwordsVIEWAgent Console - ConfigurationAGENT_CONFIGURATION
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which make network calls to remote pods and endpointsEXECAgent Console - Network CallsAGENT_REMOTE_NETWORK_CALLS
    IntegrationsN/AModify custom integrations in spotlightEDITCustom IntegrationsIntegrations created by the user manually, before the system automatic detection triggered
    IntegrationsN/AAccess custom integrations in spotlightREADCustom IntegrationsIntegrations created by the user manually, before the system automatic detection triggered
    IntegrationsN/AAccess Helm-renderer componentREADHelm RendererHELM_RENDERER
    IntegrationsN/AView discovered infrastructureREADInfrastructureINFRASTRUCTURE
    IntegrationsN/AView discovered workload integrationsREADIntegrationsINTEGRATIONS
    IntegrationsN/AChange monitoring integration type or statusEDITMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AAccess monitoring integration type or statusREADMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AChange monitoring integration status to Pending MetricsVALIDATEMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AN/AREADProvidersPROVIDERS
    IntegrationsN/AAccess spotlightREADSpotlightSPOTLIGHT
    SettingsN/AGet agent access key (required for agent installation)READAgent InstallationAGENT_INSTALLATION
    SettingsN/AList alert downtimes for the customerREADAlert DowntimesDOWNTIMES
    SettingsN/AReset users API token in scope of a teamEDITAPI Access TokenAPI_TOKEN
    SettingsN/AAccess users API token in scope of a teamREADAPI Access TokenAPI_TOKEN
    SettingsN/AView your API tokenVIEWAPI Access TokenAPI_TOKEN
    SettingsN/AAccess AWS settingsREADAWS SettingsAWS_SETTINGS
    SettingsN/AAccess event forwarding configurationREADEvents ForwarderEVENTS_FORWARDER
    SettingsN/AAccess global notification channelsREADGlobal Notification ChannelsGLOBAL_NOTIFICATION_CHANNELS
    SettingsN/AAccess notification channels in scope of a teamREADNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess service accounts in scope of a teamREADService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess customer subscription detailsREADSubscriptionsSUBSCRIPTIONS
    SettingsN/AView Sysdig storage configurationREADSysdig StorageSYSDIG_STORAGE

    View Only

    AdvisorManage access to AdvisorAccess AdvisorREADAdvisorOVERVIEWS
    AdvisorManage access to AdvisorKubernetes API featureREADKubernetes APIKUBERNETES_API_COMMANDS
    AdvisorManage access to AdvisorAccess Live Logs featureVIEWLive LogsLIVELOGS
    AlertsManage access to AlertsAccess the events generated by triggered alerts in scope of a teamREADAlert EventsALERT_EVENTS
    AlertsManage access to AlertsAccess the alerts in scope of a teamREADAlertsALERTS
    Captures / InvestigateManage access to Captures / InvestigateAccess capturesREADCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateView captures in the UIVIEWCapturesCAPTURES
    DashboardsManage access to dashboardsN/AREADDashboard Metrics DataDASHBOARD_METRICS_DATA
    DashboardsManage access to dashboardsAccess dashboards in scope of a teamREADDashboardsDASHBOARDS
    Data Access SettingsManage access to Data SettingsAccess data stream configurationREADDatastreamDATASTREAM
    Data Access SettingsManage access to Data SettingsCreate and edit custom groupingsEDITGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess default and custom groupingsREADGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess metrics dataREADMetrics DataMETRICS_DATA
    Data Access SettingsManage access to Data SettingsAccess metrics descriptorsREADMetrics DescriptorsMETRICS_DESCRIPTORS
    Data Access SettingsManage access to Data SettingsAccess Prometheus metrics and labelsREADPromQL MetadataPROMQL_METADATA
    EventsManage access to EventsAccess the infrastructure and other events created by Sysdig Agent or Sysdig APIREADCustom EventsInfrastructure events or events created via API
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commandsVIEWAgent ConsoleAGENT_CLI
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which access agent statusREADAgent Console - Agent StatusAGENT_STATUS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwordsVIEWAgent Console - ConfigurationAGENT_CONFIGURATION
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which make network calls to remote pods and endpointsEXECAgent Console - Network CallsAGENT_REMOTE_NETWORK_CALLS
    Explore / MetricsManage access to Explore / MetricsMetric querying with ExploreREADExploreEXPLORE
    IntegrationsN/AAccess custom integrations in spotlightREADCustom IntegrationsIntegrations created by the user manually, before the system automatic detection triggered
    IntegrationsN/AN/AREADFile Storage ConfigFILE_STORAGE_CONFIG
    IntegrationsN/AAccess Helm-renderer componentREADHelm RendererHELM_RENDERER
    IntegrationsN/AView discovered infrastructureREADInfrastructureINFRASTRUCTURE
    IntegrationsN/AView discovered workload integrationsREADIntegrationsINTEGRATIONS
    IntegrationsN/AAccess monitoring integration type or statusREADMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AChange monitoring integration status to Pending MetricsVALIDATEMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AN/AREADProvidersPROVIDERS
    IntegrationsN/AAccess spotlightREADSpotlightSPOTLIGHT
    SettingsN/AGet agent access key (required for agent installation)READAgent InstallationAGENT_INSTALLATION
    SettingsN/AList alert downtimes for the customerREADAlert DowntimesDOWNTIMES
    SettingsN/AAccess users API token in scope of a teamREADAPI Access TokenAPI_TOKEN
    SettingsN/AView your API tokenVIEWAPI Access TokenAPI_TOKEN
    SettingsN/AAccess AWS settingsREADAWS SettingsAWS_SETTINGS
    SettingsN/AAccess event forwarding configurationREADEvents ForwarderEVENTS_FORWARDER
    SettingsN/AAccess global notification channelsREADGlobal Notification ChannelsGLOBAL_NOTIFICATION_CHANNELS
    SettingsN/AAccess notification channels in scope of a teamREADNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess service accounts in scope of a teamREADService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess customer subscription detailsREADSubscriptionsSUBSCRIPTIONS
    SettingsN/AView Sysdig storage configurationREADSysdig StorageSYSDIG_STORAGE

    Team Manager

    categoryNamecategoryDescriptiondescriptionactionitemDisplayNameitemDescription
    AdvisorManage access to AdvisorAccess AdvisorREADAdvisorOVERVIEWS
    AdvisorManage access to AdvisorKubernetes API featureREADKubernetes APIKUBERNETES_API_COMMANDS
    AdvisorManage access to AdvisorAccess Live Logs featureVIEWLive LogsLIVELOGS
    AlertsManage access to AlertsAcknowledge an event triggerred by an alert in the events feed in scope of a teamEDITAlert EventsALERT_EVENTS
    AlertsManage access to AlertsAccess the events generated by triggered alerts in scope of a teamREADAlert EventsALERT_EVENTS
    AlertsManage access to AlertsModify alerts in scope of a teamEDITAlertsALERTS
    AlertsManage access to AlertsAccess the alerts in scope of a teamREADAlertsALERTS
    Captures / InvestigateManage access to Captures / InvestigateModify capturesEDITCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateAccess capturesREADCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateView captures in the UIVIEWCapturesCAPTURES
    DashboardsManage access to dashboardsN/AREADDashboard Metrics DataDASHBOARD_METRICS_DATA
    DashboardsManage access to dashboardsModify dashboards in scope of a teamEDITDashboardsDASHBOARDS
    DashboardsManage access to dashboardsAccess dashboards in scope of a teamREADDashboardsDASHBOARDS
    Data Access SettingsManage access to Data SettingsCreate and edit custom groupingsEDITGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess default and custom groupingsREADGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess metrics dataREADMetrics DataMETRICS_DATA
    Data Access SettingsManage access to Data SettingsAccess metrics descriptorsREADMetrics DescriptorsMETRICS_DESCRIPTORS
    Data Access SettingsManage access to Data SettingsAccess Prometheus metrics and labelsREADPromQL MetadataPROMQL_METADATA
    EventsManage access to EventsAcknowledge the infrastructure and other events created by Sysdig Agent or Sysdig APIEDITCustom EventsInfrastructure events or events created via API
    EventsManage access to EventsAccess the infrastructure and other events created by Sysdig Agent or Sysdig APIREADCustom EventsInfrastructure events or events created via API
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commandsVIEWAgent ConsoleAGENT_CLI
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which access agent statusREADAgent Console - Agent StatusAGENT_STATUS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwordsVIEWAgent Console - ConfigurationAGENT_CONFIGURATION
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which make network calls to remote pods and endpointsEXECAgent Console - Network CallsAGENT_REMOTE_NETWORK_CALLS
    Explore / MetricsManage access to Explore / MetricsN/AEDITExploreEXPLORE
    Explore / MetricsManage access to Explore / MetricsMetric querying with ExploreREADExploreEXPLORE
    Explore / MetricsManage access to Explore / MetricsShare metrics grouping with the teamTOGGLEShared Groupings with TeamGROUPINGS_TEAM_SHARING
    IntegrationsN/AModify custom integrations in spotlightEDITCustom IntegrationsIntegrations created by the user manually, before the system automatic detection triggered
    IntegrationsN/AAccess custom integrations in spotlightREADCustom IntegrationsIntegrations created by the user manually, before the system automatic detection triggered
    IntegrationsN/AAccess Helm-renderer componentREADHelm RendererHELM_RENDERER
    IntegrationsN/AView discovered infrastructureREADInfrastructureINFRASTRUCTURE
    IntegrationsN/AView discovered workload integrationsREADIntegrationsINTEGRATIONS
    IntegrationsN/AChange monitoring integration type or statusEDITMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AAccess monitoring integration type or statusREADMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AChange monitoring integration status to Pending MetricsVALIDATEMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AN/AREADProvidersPROVIDERS
    IntegrationsN/AAccess spotlightREADSpotlightSPOTLIGHT
    SettingsN/AGet agent access key (required for agent installation)READAgent InstallationAGENT_INSTALLATION
    SettingsN/AList alert downtimes for the customerREADAlert DowntimesDOWNTIMES
    SettingsN/AReset users API token in scope of a teamEDITAPI Access TokenAPI_TOKEN
    SettingsN/AAccess users API token in scope of a teamREADAPI Access TokenAPI_TOKEN
    SettingsN/AView your API tokenVIEWAPI Access TokenAPI_TOKEN
    SettingsN/AAccess AWS settingsREADAWS SettingsAWS_SETTINGS
    SettingsN/AAccess event forwarding configurationREADEvents ForwarderEVENTS_FORWARDER
    SettingsN/AAccess global notification channelsREADGlobal Notification ChannelsGLOBAL_NOTIFICATION_CHANNELS
    SettingsN/AModify notification channels in scope of a teamEDITNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess notification channels in scope of a teamREADNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AModify service accounts in scope of a teamEDITService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess service accounts in scope of a teamREADService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess customer subscription detailsREADSubscriptionsSUBSCRIPTIONS
    SettingsN/AView Sysdig storage configurationREADSysdig StorageSYSDIG_STORAGE
    SettingsN/AModify team settings without the ability to modify team membership for usersMANAGETeamsTEAMS

    Advanced User

    categoryDescriptiondescriptionactionitemDisplayNameitemDescription
    Manage access to AdvisorAccess AdvisorREADAdvisorOVERVIEWS
    Manage access to AdvisorKubernetes API featureREADKubernetes APIKUBERNETES_API_COMMANDS
    Manage access to AdvisorAccess Live Logs featureVIEWLive LogsLIVELOGS
    Manage access to AlertsAcknowledge an event triggerred by an alert in the events feed in scope of a teamEDITAlert EventsALERT_EVENTS
    Manage access to AlertsAccess the events generated by triggered alerts in scope of a teamREADAlert EventsALERT_EVENTS
    Manage access to AlertsModify alerts in scope of a teamEDITAlertsALERTS
    Manage access to AlertsAccess the alerts in scope of a teamREADAlertsALERTS
    Manage access to Captures / InvestigateModify capturesEDITCapturesCAPTURES
    Manage access to Captures / InvestigateAccess capturesREADCapturesCAPTURES
    Manage access to Captures / InvestigateView captures in the UIVIEWCapturesCAPTURES
    Manage access to dashboardsN/AREADDashboard Metrics DataDASHBOARD_METRICS_DATA
    Manage access to dashboardsModify dashboards in scope of a teamEDITDashboardsDASHBOARDS
    Manage access to dashboardsAccess dashboards in scope of a teamREADDashboardsDASHBOARDS
    Manage access to Data SettingsCreate and edit custom groupingsEDITGroupingsGROUPINGS
    Manage access to Data SettingsAccess default and custom groupingsREADGroupingsGROUPINGS
    Manage access to Data SettingsAccess metrics dataREADMetrics DataMETRICS_DATA
    Manage access to Data SettingsAccess metrics descriptorsREADMetrics DescriptorsMETRICS_DESCRIPTORS
    Manage access to Data SettingsAccess Prometheus metrics and labelsREADPromQL MetadataPROMQL_METADATA
    Manage access to EventsAcknowledge the infrastructure and other events created by Sysdig Agent or Sysdig APIEDITCustom EventsInfrastructure events or events created via API
    Manage access to EventsAccess the infrastructure and other events created by Sysdig Agent or Sysdig APIREADCustom EventsInfrastructure events or events created via API
    Manage access to Explore / MetricsUse Agent Console commandsVIEWAgent ConsoleAGENT_CLI
    Manage access to Explore / MetricsUse Agent Console commands which access agent statusREADAgent Console - Agent StatusAGENT_STATUS
    Manage access to Explore / MetricsUse Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwordsVIEWAgent Console - ConfigurationAGENT_CONFIGURATION
    Manage access to Explore / MetricsUse Agent Console commands which make network calls to remote pods and endpointsEXECAgent Console - Network CallsAGENT_REMOTE_NETWORK_CALLS
    Manage access to Explore / MetricsN/AEDITExploreEXPLORE
    Manage access to Explore / MetricsMetric querying with ExploreREADExploreEXPLORE
    Manage access to Explore / MetricsShare metrics grouping with the teamTOGGLEShared Groupings with TeamGROUPINGS_TEAM_SHARING
    N/AModify custom integrations in spotlightEDITCustom IntegrationsIntegrations created by the user manually, before the system automatic detection triggered
    N/AAccess custom integrations in spotlightREADCustom IntegrationsIntegrations created by the user manually, before the system automatic detection triggered
    N/AAccess Helm-renderer componentREADHelm RendererHELM_RENDERER
    N/AView discovered infrastructureREADInfrastructureINFRASTRUCTURE
    N/AView discovered workload integrationsREADIntegrationsINTEGRATIONS
    N/AChange monitoring integration type or statusEDITMonitoring IntegrationsPROMCAT_INTEGRATIONS
    N/AAccess monitoring integration type or statusREADMonitoring IntegrationsPROMCAT_INTEGRATIONS
    N/AChange monitoring integration status to Pending MetricsVALIDATEMonitoring IntegrationsPROMCAT_INTEGRATIONS
    N/AN/AREADProvidersPROVIDERS
    N/AAccess spotlightREADSpotlightSPOTLIGHT
    N/AGet agent access key (required for agent installation)READAgent InstallationAGENT_INSTALLATION
    N/AList alert downtimes for the customerREADAlert DowntimesDOWNTIMES
    N/AReset users API token in scope of a teamEDITAPI Access TokenAPI_TOKEN
    N/AAccess users API token in scope of a teamREADAPI Access TokenAPI_TOKEN
    N/AView your API tokenVIEWAPI Access TokenAPI_TOKEN
    N/AAccess AWS settingsREADAWS SettingsAWS_SETTINGS
    N/AAccess event forwarding configurationREADEvents ForwarderEVENTS_FORWARDER
    N/AAccess global notification channelsREADGlobal Notification ChannelsGLOBAL_NOTIFICATION_CHANNELS
    N/AModify notification channels in scope of a teamEDITNotification ChannelsNOTIFICATION_CHANNELS
    N/AAccess notification channels in scope of a teamREADNotification ChannelsNOTIFICATION_CHANNELS
    N/AAccess service accounts in scope of a teamREADService AccountsSERVICE_ACCOUNTS
    N/AAccess customer subscription detailsREADSubscriptionsSUBSCRIPTIONS
    N/AView Sysdig storage configurationREADSysdig StorageSYSDIG_STORAGE

    Sysdig Secure Team Roles

    Standard User

    categoryNamecategoryDescriptiondescriptionactionitemDisplayNameitemDescription
    AdvisorManage access to AdvisorKubernetes API featureREADKubernetes APIKUBERNETES_API_COMMANDS
    AdvisorManage access to AdvisorAccess Live Logs featureVIEWLive LogsLIVELOGS
    AlertsManage access to AlertsAccess the alerts in scope of a teamREADAlertsALERTS
    Captures / InvestigateManage access to Captures / InvestigateAccess capturesREADCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateView captures in the UIVIEWCapturesCAPTURES
    Data Access SettingsManage access to Data SettingsCreate and edit custom groupingsEDITGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess default and custom groupingsREADGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess metrics dataREADMetrics DataMETRICS_DATA
    Data Access SettingsManage access to Data SettingsAccess metrics descriptorsREADMetrics DescriptorsMETRICS_DESCRIPTORS
    EventsManage access to EventsAccess the infrastructure and other events created by Sysdig Agent or Sysdig APIREADCustom EventsInfrastructure events or events created via API
    EventsManage access to EventsAccess policy eventsREADPolicy EventsPOLICY_EVENTS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commandsVIEWAgent ConsoleAGENT_CLI
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which access agent statusREADAgent Console - Agent StatusAGENT_STATUS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwordsVIEWAgent Console - ConfigurationAGENT_CONFIGURATION
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which make network calls to remote pods and endpointsEXECAgent Console - Network CallsAGENT_REMOTE_NETWORK_CALLS
    Explore / MetricsManage access to Explore / MetricsMetric querying with ExploreREADExploreEXPLORE
    Explore / MetricsManage access to Explore / MetricsShare metrics grouping with the teamTOGGLEShared Groupings with TeamGROUPINGS_TEAM_SHARING
    IntegrationsN/AAccess Helm-renderer componentREADHelm RendererHELM_RENDERER
    IntegrationsN/AView discovered infrastructureREADInfrastructureINFRASTRUCTURE
    IntegrationsN/AAccess monitoring integration type or statusREADMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AN/AREADProvidersPROVIDERS
    PostureN/AAccess CSPM resultsREADCSPMCSPM_RESULTS
    ScanningManage access to ScanningImport scanning imagesEDITImage ImportSECURE_IMPORT_IMAGES
    ScanningManage access to ScanningRead scan resultsREADScanningSCANNING
    ScanningManage access to ScanningAccess scanning alertsREADScanning AlertsSECURE_ALERTS
    ScanningManage access to ScanningCreate scanning eventsCREATEScanning Image ResultsSECURE_IMAGES
    ScanningManage access to ScanningList scanning imagesREADScanning Image ResultsSECURE_IMAGES
    ScanningManage access to ScanningQuery runtime containers APIEDITScanning RuntimeSECURE_QUERY_CONTAINERS
    ScanningManage access to ScanningView and download existing reportsREADScanning Scheduled ReportsSECURE_REPORTS
    ScanningManage access to ScanningAccess the trusted images listREADScanning Trusted ImagesSECURE_WHITELIST_IMAGES
    ScanningManage access to ScanningAccess the untrusted images listREADScanning Untrusted ImagesSECURE_BLACKLIST_IMAGES
    ScanningManage access to ScanningAccess vulnerability exceptionsREADScanning Vulnerability ExceptionsSECURE_WHITELIST
    SettingsN/AGet agent access key (required for agent installation)READAgent InstallationAGENT_INSTALLATION
    SettingsN/AReset users API token in scope of a teamEDITAPI Access TokenAPI_TOKEN
    SettingsN/AAccess users API token in scope of a teamREADAPI Access TokenAPI_TOKEN
    SettingsN/AView your API tokenVIEWAPI Access TokenAPI_TOKEN
    SettingsN/AAccess AWS settingsREADAWS SettingsAWS_SETTINGS
    SettingsN/AAccess cloud accountsREADCloud AccountsCLOUD_ACCOUNTS
    SettingsN/AAccess global notification channelsREADGlobal Notification ChannelsGLOBAL_NOTIFICATION_CHANNELS
    SettingsN/AAccess IAC resultsREADIACIAC
    SettingsN/AAccess notification channels in scope of a teamREADNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess service accounts in scope of a teamREADService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess customer subscription detailsREADSubscriptionsSUBSCRIPTIONS
    SettingsN/AModify Sysdig Secure configurationEDITSysdig Secure SettingsSECURE_SETTINGS
    SettingsN/AView Sysdig storage configurationREADSysdig StorageSYSDIG_STORAGE

    Service Manager

    categoryNamecategoryDescriptiondescriptionactionitemDisplayNameitemDescription
    AdvisorManage access to AdvisorKubernetes API featureREADKubernetes APIKUBERNETES_API_COMMANDS
    AdvisorManage access to AdvisorAccess Live Logs featureVIEWLive LogsLIVELOGS
    AlertsManage access to AlertsAccess the alerts in scope of a teamREADAlertsALERTS
    Captures / InvestigateManage access to Captures / InvestigateAccess capturesREADCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateView captures in the UIVIEWCapturesCAPTURES
    Data Access SettingsManage access to Data SettingsCreate and edit custom groupingsEDITGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess default and custom groupingsREADGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess metrics dataREADMetrics DataMETRICS_DATA
    Data Access SettingsManage access to Data SettingsAccess metrics descriptorsREADMetrics DescriptorsMETRICS_DESCRIPTORS
    EventsManage access to EventsAccess the infrastructure and other events created by Sysdig Agent or Sysdig APIREADCustom EventsInfrastructure events or events created via API
    EventsManage access to EventsAccess policy eventsREADPolicy EventsPOLICY_EVENTS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commandsVIEWAgent ConsoleAGENT_CLI
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which access agent statusREADAgent Console - Agent StatusAGENT_STATUS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwordsVIEWAgent Console - ConfigurationAGENT_CONFIGURATION
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which make network calls to remote pods and endpointsEXECAgent Console - Network CallsAGENT_REMOTE_NETWORK_CALLS
    Explore / MetricsManage access to Explore / MetricsMetric querying with ExploreREADExploreEXPLORE
    Explore / MetricsManage access to Explore / MetricsShare metrics grouping with the teamTOGGLEShared Groupings with TeamGROUPINGS_TEAM_SHARING
    IntegrationsN/AAccess Helm-renderer componentREADHelm RendererHELM_RENDERER
    IntegrationsN/AView discovered infrastructureREADInfrastructureINFRASTRUCTURE
    IntegrationsN/AAccess monitoring integration type or statusREADMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AN/AREADProvidersPROVIDERS
    PostureN/AAccess CSPM resultsREADCSPMCSPM_RESULTS
    ScanningManage access to ScanningImport scanning imagesEDITImage ImportSECURE_IMPORT_IMAGES
    ScanningManage access to ScanningExecute backend scanningEXECScanningSCANNING
    ScanningManage access to ScanningRead scan resultsREADScanningSCANNING
    ScanningManage access to ScanningModify scanning alerts and registry credentialsWRITEScanningSCANNING
    ScanningManage access to ScanningModify scanning alertsEDITScanning AlertsSECURE_ALERTS
    ScanningManage access to ScanningAccess scanning alertsREADScanning AlertsSECURE_ALERTS
    ScanningManage access to ScanningCreate scanning eventsCREATEScanning Image ResultsSECURE_IMAGES
    ScanningManage access to ScanningList scanning imagesREADScanning Image ResultsSECURE_IMAGES
    ScanningManage access to ScanningAccess policy mappingsREADScanning Policy AssignmentsSECURE_MAPPINGS
    ScanningManage access to ScanningQuery runtime containers APIEDITScanning RuntimeSECURE_QUERY_CONTAINERS
    ScanningManage access to ScanningView and download existing reportsREADScanning Scheduled ReportsSECURE_REPORTS
    ScanningManage access to ScanningAccess the trusted images listREADScanning Trusted ImagesSECURE_WHITELIST_IMAGES
    ScanningManage access to ScanningAccess the untrusted images listREADScanning Untrusted ImagesSECURE_BLACKLIST_IMAGES
    ScanningManage access to ScanningAccess vulnerability exceptionsREADScanning Vulnerability ExceptionsSECURE_WHITELIST
    SettingsN/AGet agent access key (required for agent installation)READAgent InstallationAGENT_INSTALLATION
    SettingsN/AReset users API token in scope of a teamEDITAPI Access TokenAPI_TOKEN
    SettingsN/AAccess users API token in scope of a teamREADAPI Access TokenAPI_TOKEN
    SettingsN/AView your API tokenVIEWAPI Access TokenAPI_TOKEN
    SettingsN/AAccess AWS settingsREADAWS SettingsAWS_SETTINGS
    SettingsN/AAccess cloud accountsREADCloud AccountsCLOUD_ACCOUNTS
    SettingsN/AAccess global notification channelsREADGlobal Notification ChannelsGLOBAL_NOTIFICATION_CHANNELS
    SettingsN/AAccess IAC resultsREADIACIAC
    SettingsN/AModify notification channels in scope of a teamEDITNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess notification channels in scope of a teamREADNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess service accounts in scope of a teamREADService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess customer subscription detailsREADSubscriptionsSUBSCRIPTIONS
    SettingsN/AModify Sysdig Secure configurationEDITSysdig Secure SettingsSECURE_SETTINGS
    SettingsN/AView Sysdig storage configurationREADSysdig StorageSYSDIG_STORAGE
    SettingsN/AInvite other users to the teamsEDITTeam MembershipTEAM_MEMBERSHIP
    SettingsN/AAccess team membersREADTeam MembershipTEAM_MEMBERSHIP
    SettingsN/AModify team members rolesEDITTeam Membership RolesTEAM_MEMBERSHIP_ROLE
    SettingsN/AModify team settings without the ability to modify team membership for usersMANAGETeamsTEAMS
    SettingsN/AN/AREADTeamsTEAMS
    SettingsN/AAccess existing users dataREADUsersUSERS

    View Only

    categoryNamecategoryDescriptiondescriptionactionitemDisplayNameitemDescription
    AdvisorManage access to AdvisorKubernetes API featureREADKubernetes APIKUBERNETES_API_COMMANDS
    AdvisorManage access to AdvisorAccess Live Logs featureVIEWLive LogsLIVELOGS
    AlertsManage access to AlertsAccess the alerts in scope of a teamREADAlertsALERTS
    Captures / InvestigateManage access to Captures / InvestigateAccess activity audit commandsREADActivity Audit CommandsCOMMANDS
    Captures / InvestigateManage access to Captures / InvestigateAccess capturesREADCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateView captures in the UIVIEWCapturesCAPTURES
    Data Access SettingsManage access to Data SettingsCreate and edit custom groupingsEDITGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess default and custom groupingsREADGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess metrics dataREADMetrics DataMETRICS_DATA
    Data Access SettingsManage access to Data SettingsAccess metrics descriptorsREADMetrics DescriptorsMETRICS_DESCRIPTORS
    EventsManage access to EventsAccess the infrastructure and other events created by Sysdig Agent or Sysdig APIREADCustom EventsInfrastructure events or events created via API
    EventsManage access to EventsAccess policy eventsREADPolicy EventsPOLICY_EVENTS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commandsVIEWAgent ConsoleAGENT_CLI
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which access agent statusREADAgent Console - Agent StatusAGENT_STATUS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwordsVIEWAgent Console - ConfigurationAGENT_CONFIGURATION
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which make network calls to remote pods and endpointsEXECAgent Console - Network CallsAGENT_REMOTE_NETWORK_CALLS
    Explore / MetricsManage access to Explore / MetricsMetric querying with ExploreREADExploreEXPLORE
    IntegrationsN/AAccess Helm-renderer componentREADHelm RendererHELM_RENDERER
    IntegrationsN/AView discovered infrastructureREADInfrastructureINFRASTRUCTURE
    IntegrationsN/AAccess monitoring integration type or statusREADMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AN/AREADProvidersPROVIDERS
    INTERNAL_UNCATEGORIZEDINTERNAL_UNCATEGORIZEDN/AREADAudit PoliciesSECURE_AUDIT_POLICIES
    Network SecurityN/AAccess Kubernetes Network Security policy advisorREADNetwork SecurityNETSEC
    PoliciesN/AView existing image profilesREADImage profilingPROFILING
    PoliciesN/AAccess policiesREADPoliciesPOLICIES
    PoliciesN/ARead PSP advisor simulationsREADPolicy AdvisorPADVISOR
    PostureN/AAccess scheduled benchmark taksREADBenchmark TasksBENCHMARK_TASKS
    PostureN/AAccess benchmark resultsREADBenchmarksBENCHMARKS
    PostureN/AAccess Compliance tasks and reportsREADComplianceCOMPLIANCE
    PostureN/AAccess CSPM resultsREADCSPMCSPM_RESULTS
    ScanningManage access to ScanningRead scan resultsREADScanningSCANNING
    ScanningManage access to ScanningAccess scanning alertsREADScanning AlertsSECURE_ALERTS
    ScanningManage access to ScanningList scanning imagesREADScanning Image ResultsSECURE_IMAGES
    ScanningManage access to ScanningAccess security policiesREADScanning PoliciesSECURE_POLICY
    ScanningManage access to ScanningAccess policy mappingsREADScanning Policy AssignmentsSECURE_MAPPINGS
    ScanningManage access to ScanningList container registriesREADScanning Registry CredentialsSECURE_REGISTRY
    ScanningManage access to ScanningQuery runtime containers APIEDITScanning RuntimeSECURE_QUERY_CONTAINERS
    ScanningManage access to ScanningView and download existing reportsREADScanning Scheduled ReportsSECURE_REPORTS
    ScanningManage access to ScanningAccess the trusted images listREADScanning Trusted ImagesSECURE_WHITELIST_IMAGES
    ScanningManage access to ScanningAccess the untrusted images listREADScanning Untrusted ImagesSECURE_BLACKLIST_IMAGES
    ScanningManage access to ScanningAccess vulnerability exceptionsREADScanning Vulnerability ExceptionsSECURE_WHITELIST
    SettingsN/AGet agent access key (required for agent installation)READAgent InstallationAGENT_INSTALLATION
    SettingsN/AReset users API token in scope of a teamEDITAPI Access TokenAPI_TOKEN
    SettingsN/AAccess users API token in scope of a teamREADAPI Access TokenAPI_TOKEN
    SettingsN/AView your API tokenVIEWAPI Access TokenAPI_TOKEN
    SettingsN/AAccess AWS settingsREADAWS SettingsAWS_SETTINGS
    SettingsN/AAccess cloud accountsREADCloud AccountsCLOUD_ACCOUNTS
    SettingsN/AAccess global notification channelsREADGlobal Notification ChannelsGLOBAL_NOTIFICATION_CHANNELS
    SettingsN/AAccess IAC resultsREADIACIAC
    SettingsN/AAccess notification channels in scope of a teamREADNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess service accounts in scope of a teamREADService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess customer subscription detailsREADSubscriptionsSUBSCRIPTIONS
    SettingsN/AModify Sysdig Secure configurationEDITSysdig Secure SettingsSECURE_SETTINGS
    SettingsN/AView Sysdig storage configurationREADSysdig StorageSYSDIG_STORAGE

    Team Manager

    categoryNamecategoryDescriptiondescriptionactionitemDisplayNameitemDescription
    AdvisorManage access to AdvisorKubernetes API featureREADKubernetes APIKUBERNETES_API_COMMANDS
    AdvisorManage access to AdvisorAccess Live Logs featureVIEWLive LogsLIVELOGS
    AlertsManage access to AlertsModify alerts in scope of a teamEDITAlertsALERTS
    AlertsManage access to AlertsAccess the alerts in scope of a teamREADAlertsALERTS
    Captures / InvestigateManage access to Captures / InvestigateAccess activity audit commandsREADActivity Audit CommandsCOMMANDS
    Captures / InvestigateManage access to Captures / InvestigateModify capturesEDITCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateAccess capturesREADCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateView captures in the UIVIEWCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateUse rapid responseEXECRapid ResponseRAPID_RESPONSE
    Data Access SettingsManage access to Data SettingsAccess data stream configurationREADDatastreamDATASTREAM
    Data Access SettingsManage access to Data SettingsCreate and edit custom groupingsEDITGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess default and custom groupingsREADGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess metrics dataREADMetrics DataMETRICS_DATA
    Data Access SettingsManage access to Data SettingsAccess metrics descriptorsREADMetrics DescriptorsMETRICS_DESCRIPTORS
    EventsManage access to EventsAccess the infrastructure and other events created by Sysdig Agent or Sysdig APIREADCustom EventsInfrastructure events or events created via API
    EventsManage access to EventsAccess policy eventsREADPolicy EventsPOLICY_EVENTS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commandsVIEWAgent ConsoleAGENT_CLI
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which access agent statusREADAgent Console - Agent StatusAGENT_STATUS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwordsVIEWAgent Console - ConfigurationAGENT_CONFIGURATION
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which make network calls to remote pods and endpointsEXECAgent Console - Network CallsAGENT_REMOTE_NETWORK_CALLS
    Explore / MetricsManage access to Explore / MetricsN/AEDITExploreEXPLORE
    Explore / MetricsManage access to Explore / MetricsMetric querying with ExploreREADExploreEXPLORE
    Explore / MetricsManage access to Explore / MetricsShare metrics grouping with the teamTOGGLEShared Groupings with TeamGROUPINGS_TEAM_SHARING
    IntegrationsN/AAccess Helm-renderer componentREADHelm RendererHELM_RENDERER
    IntegrationsN/AView discovered infrastructureREADInfrastructureINFRASTRUCTURE
    IntegrationsN/AAccess monitoring integration type or statusREADMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AN/AREADProvidersPROVIDERS
    INTERNAL_UNCATEGORIZEDINTERNAL_UNCATEGORIZEDN/AREADAudit PoliciesSECURE_AUDIT_POLICIES
    Network SecurityN/AAccess Kubernetes Network Security policy advisorREADNetwork SecurityNETSEC
    PoliciesN/AExecute image profilingEXECImage profilingPROFILING
    PoliciesN/AView existing image profilesREADImage profilingPROFILING
    PoliciesN/AWrite image profilesWRITEImage profilingPROFILING
    PoliciesN/AModify policiesEDITPoliciesPOLICIES
    PoliciesN/AAccess policiesREADPoliciesPOLICIES
    PoliciesN/AExecute PSP advisor simulationEXECPolicy AdvisorPADVISOR
    PoliciesN/ARead PSP advisor simulationsREADPolicy AdvisorPADVISOR
    PoliciesN/ACreate PSP advisor simulationWRITEPolicy AdvisorPADVISOR
    PostureN/ACreate and modify scheduled benchmark adn compliance tasksEDITBenchmark TasksBENCHMARK_TASKS
    PostureN/AAccess scheduled benchmark taksREADBenchmark TasksBENCHMARK_TASKS
    PostureN/AAccess benchmark resultsREADBenchmarksBENCHMARKS
    PostureN/AAccess Compliance tasks and reportsREADComplianceCOMPLIANCE
    PostureN/AAccess CSPM resultsREADCSPMCSPM_RESULTS
    ScanningManage access to ScanningImport scanning imagesEDITImage ImportSECURE_IMPORT_IMAGES
    ScanningManage access to ScanningExecute backend scanningEXECScanningSCANNING
    ScanningManage access to ScanningRead scan resultsREADScanningSCANNING
    ScanningManage access to ScanningModify scanning alerts and registry credentialsWRITEScanningSCANNING
    ScanningManage access to ScanningModify scanning alertsEDITScanning AlertsSECURE_ALERTS
    ScanningManage access to ScanningAccess scanning alertsREADScanning AlertsSECURE_ALERTS
    ScanningManage access to ScanningCreate scanning eventsCREATEScanning Image ResultsSECURE_IMAGES
    ScanningManage access to ScanningList scanning imagesREADScanning Image ResultsSECURE_IMAGES
    ScanningManage access to ScanningModify security policiesEDITScanning PoliciesSECURE_POLICY
    ScanningManage access to ScanningAccess security policiesREADScanning PoliciesSECURE_POLICY
    ScanningManage access to ScanningCreate and modify policy mappingsEDITScanning Policy AssignmentsSECURE_MAPPINGS
    ScanningManage access to ScanningAccess policy mappingsREADScanning Policy AssignmentsSECURE_MAPPINGS
    ScanningManage access to ScanningCreate and modify container registries configurationEDITScanning Registry CredentialsSECURE_REGISTRY
    ScanningManage access to ScanningList container registriesREADScanning Registry CredentialsSECURE_REGISTRY
    ScanningManage access to ScanningQuery runtime containers APIEDITScanning RuntimeSECURE_QUERY_CONTAINERS
    ScanningManage access to ScanningCreate and modify reportsEDITScanning Scheduled ReportsSECURE_REPORTS
    ScanningManage access to ScanningView and download existing reportsREADScanning Scheduled ReportsSECURE_REPORTS
    ScanningManage access to ScanningModify the trusted images listEDITScanning Trusted ImagesSECURE_WHITELIST_IMAGES
    ScanningManage access to ScanningAccess the trusted images listREADScanning Trusted ImagesSECURE_WHITELIST_IMAGES
    ScanningManage access to ScanningModify the untrusted images listEDITScanning Untrusted ImagesSECURE_BLACKLIST_IMAGES
    ScanningManage access to ScanningAccess the untrusted images listREADScanning Untrusted ImagesSECURE_BLACKLIST_IMAGES
    ScanningManage access to ScanningEdit vulnerability exceptionsEDITScanning Vulnerability ExceptionsSECURE_WHITELIST
    ScanningManage access to ScanningAccess vulnerability exceptionsREADScanning Vulnerability ExceptionsSECURE_WHITELIST
    SettingsN/AGet agent access key (required for agent installation)READAgent InstallationAGENT_INSTALLATION
    SettingsN/AReset users API token in scope of a teamEDITAPI Access TokenAPI_TOKEN
    SettingsN/AAccess users API token in scope of a teamREADAPI Access TokenAPI_TOKEN
    SettingsN/AView your API tokenVIEWAPI Access TokenAPI_TOKEN
    SettingsN/AAccess AWS settingsREADAWS SettingsAWS_SETTINGS
    SettingsN/AAccess cloud accountsREADCloud AccountsCLOUD_ACCOUNTS
    SettingsN/AAccess global notification channelsREADGlobal Notification ChannelsGLOBAL_NOTIFICATION_CHANNELS
    SettingsN/AAccess IAC resultsREADIACIAC
    SettingsN/AModify notification channels in scope of a teamEDITNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess notification channels in scope of a teamREADNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AModify service accounts in scope of a teamEDITService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess service accounts in scope of a teamREADService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess customer subscription detailsREADSubscriptionsSUBSCRIPTIONS
    SettingsN/AModify Sysdig Secure configurationEDITSysdig Secure SettingsSECURE_SETTINGS
    SettingsN/AView Sysdig storage configurationREADSysdig StorageSYSDIG_STORAGE
    SettingsN/AModify team settings without the ability to modify team membership for usersMANAGETeamsTEAMS

    Advanced User

    categoryNamecategoryDescriptiondescriptionactionitemDisplayNameitemDescription
    AdvisorManage access to AdvisorKubernetes API featureREADKubernetes APIKUBERNETES_API_COMMANDS
    AdvisorManage access to AdvisorAccess Live Logs featureVIEWLive LogsLIVELOGS
    AlertsManage access to AlertsModify alerts in scope of a teamEDITAlertsALERTS
    AlertsManage access to AlertsAccess the alerts in scope of a teamREADAlertsALERTS
    Captures / InvestigateManage access to Captures / InvestigateAccess activity audit commandsREADActivity Audit CommandsCOMMANDS
    Captures / InvestigateManage access to Captures / InvestigateModify capturesEDITCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateAccess capturesREADCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateView captures in the UIVIEWCapturesCAPTURES
    Captures / InvestigateManage access to Captures / InvestigateUse rapid responseEXECRapid ResponseRAPID_RESPONSE
    Data Access SettingsManage access to Data SettingsAccess data stream configurationREADDatastreamDATASTREAM
    Data Access SettingsManage access to Data SettingsCreate and edit custom groupingsEDITGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess default and custom groupingsREADGroupingsGROUPINGS
    Data Access SettingsManage access to Data SettingsAccess metrics dataREADMetrics DataMETRICS_DATA
    Data Access SettingsManage access to Data SettingsAccess metrics descriptorsREADMetrics DescriptorsMETRICS_DESCRIPTORS
    EventsManage access to EventsAccess the infrastructure and other events created by Sysdig Agent or Sysdig APIREADCustom EventsInfrastructure events or events created via API
    EventsManage access to EventsAccess policy eventsREADPolicy EventsPOLICY_EVENTS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commandsVIEWAgent ConsoleAGENT_CLI
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which access agent statusREADAgent Console - Agent StatusAGENT_STATUS
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands to view the configuration of the agent which does not contain sensitive information like passwordsVIEWAgent Console - ConfigurationAGENT_CONFIGURATION
    Explore / MetricsManage access to Explore / MetricsUse Agent Console commands which make network calls to remote pods and endpointsEXECAgent Console - Network CallsAGENT_REMOTE_NETWORK_CALLS
    Explore / MetricsManage access to Explore / MetricsN/AEDITExploreEXPLORE
    Explore / MetricsManage access to Explore / MetricsMetric querying with ExploreREADExploreEXPLORE
    Explore / MetricsManage access to Explore / MetricsShare metrics grouping with the teamTOGGLEShared Groupings with TeamGROUPINGS_TEAM_SHARING
    IntegrationsN/AAccess Helm-renderer componentREADHelm RendererHELM_RENDERER
    IntegrationsN/AView discovered infrastructureREADInfrastructureINFRASTRUCTURE
    IntegrationsN/AAccess monitoring integration type or statusREADMonitoring IntegrationsPROMCAT_INTEGRATIONS
    IntegrationsN/AN/AREADProvidersPROVIDERS
    Network SecurityN/AAccess Kubernetes Network Security policy advisorREADNetwork SecurityNETSEC
    PoliciesN/AExecute image profilingEXECImage profilingPROFILING
    PoliciesN/AView existing image profilesREADImage profilingPROFILING
    PoliciesN/AWrite image profilesWRITEImage profilingPROFILING
    PoliciesN/AModify policiesEDITPoliciesPOLICIES
    PoliciesN/AAccess policiesREADPoliciesPOLICIES
    PoliciesN/AExecute PSP advisor simulationEXECPolicy AdvisorPADVISOR
    PoliciesN/ARead PSP advisor simulationsREADPolicy AdvisorPADVISOR
    PoliciesN/ACreate PSP advisor simulationWRITEPolicy AdvisorPADVISOR
    PostureN/ACreate and modify scheduled benchmark adn compliance tasksEDITBenchmark TasksBENCHMARK_TASKS
    PostureN/AAccess scheduled benchmark taksREADBenchmark TasksBENCHMARK_TASKS
    PostureN/AAccess benchmark resultsREADBenchmarksBENCHMARKS
    PostureN/AAccess Compliance tasks and reportsREADComplianceCOMPLIANCE
    PostureN/AAccess CSPM resultsREADCSPMCSPM_RESULTS
    ScanningManage access to ScanningImport scanning imagesEDITImage ImportSECURE_IMPORT_IMAGES
    ScanningManage access to ScanningExecute backend scanningEXECScanningSCANNING
    ScanningManage access to ScanningRead scan resultsREADScanningSCANNING
    ScanningManage access to ScanningModify scanning alerts and registry credentialsWRITEScanningSCANNING
    ScanningManage access to ScanningModify scanning alertsEDITScanning AlertsSECURE_ALERTS
    ScanningManage access to ScanningAccess scanning alertsREADScanning AlertsSECURE_ALERTS
    ScanningManage access to ScanningCreate scanning eventsCREATEScanning Image ResultsSECURE_IMAGES
    ScanningManage access to ScanningList scanning imagesREADScanning Image ResultsSECURE_IMAGES
    ScanningManage access to ScanningModify security policiesEDITScanning PoliciesSECURE_POLICY
    ScanningManage access to ScanningAccess security policiesREADScanning PoliciesSECURE_POLICY
    ScanningManage access to ScanningCreate and modify policy mappingsEDITScanning Policy AssignmentsSECURE_MAPPINGS
    ScanningManage access to ScanningAccess policy mappingsREADScanning Policy AssignmentsSECURE_MAPPINGS
    ScanningManage access to ScanningCreate and modify container registries configurationEDITScanning Registry CredentialsSECURE_REGISTRY
    ScanningManage access to ScanningList container registriesREADScanning Registry CredentialsSECURE_REGISTRY
    ScanningManage access to ScanningQuery runtime containers APIEDITScanning RuntimeSECURE_QUERY_CONTAINERS
    ScanningManage access to ScanningCreate and modify reportsEDITScanning Scheduled ReportsSECURE_REPORTS
    ScanningManage access to ScanningView and download existing reportsREADScanning Scheduled ReportsSECURE_REPORTS
    ScanningManage access to ScanningModify the trusted images listEDITScanning Trusted ImagesSECURE_WHITELIST_IMAGES
    ScanningManage access to ScanningAccess the trusted images listREADScanning Trusted ImagesSECURE_WHITELIST_IMAGES
    ScanningManage access to ScanningModify the untrusted images listEDITScanning Untrusted ImagesSECURE_BLACKLIST_IMAGES
    ScanningManage access to ScanningAccess the untrusted images listREADScanning Untrusted ImagesSECURE_BLACKLIST_IMAGES
    ScanningManage access to ScanningEdit vulnerability exceptionsEDITScanning Vulnerability ExceptionsSECURE_WHITELIST
    ScanningManage access to ScanningAccess vulnerability exceptionsREADScanning Vulnerability ExceptionsSECURE_WHITELIST
    SettingsN/AGet agent access key (required for agent installation)READAgent InstallationAGENT_INSTALLATION
    SettingsN/AReset users API token in scope of a teamEDITAPI Access TokenAPI_TOKEN
    SettingsN/AAccess users API token in scope of a teamREADAPI Access TokenAPI_TOKEN
    SettingsN/AView your API tokenVIEWAPI Access TokenAPI_TOKEN
    SettingsN/AAccess AWS settingsREADAWS SettingsAWS_SETTINGS
    SettingsN/AAccess cloud accountsREADCloud AccountsCLOUD_ACCOUNTS
    SettingsN/AAccess global notification channelsREADGlobal Notification ChannelsGLOBAL_NOTIFICATION_CHANNELS
    SettingsN/AAccess IAC resultsREADIACIAC
    SettingsN/AModify notification channels in scope of a teamEDITNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess notification channels in scope of a teamREADNotification ChannelsNOTIFICATION_CHANNELS
    SettingsN/AAccess service accounts in scope of a teamREADService AccountsSERVICE_ACCOUNTS
    SettingsN/AAccess customer subscription detailsREADSubscriptionsSUBSCRIPTIONS
    SettingsN/AModify Sysdig Secure configurationEDITSysdig Secure SettingsSECURE_SETTINGS
    SettingsN/AView Sysdig storage configurationREADSysdig StorageSYSDIG_STORAGE