About pre-defined workspace permissions
Pre-defined workspace permissions are roles that are available by default in every workspace. You don’t need to create them yourself. They can include both workspace permissions that let the recipient manage the workspace, as well as resource level permissions that apply to all of the resources in the workspace. The following pre-defined roles are built into every workspace based on common patterns of permissions organizations usually need. And you are inviting someone to your workspace you can invite them with this predefined roles. The current set of pre-defined permissions are:- All-resource view: Grants read access to all resources in the workspace including their findings and reports.
- All-resource edit: Grants edit access to all resources in the workspace. This includes the scope of integrating new resource, sync, removal of resource and taking various actions on vulneabilities.
- All-resource scan: Grants scan initiation for any resource under the workspace.
- Workspace maintain: Grants maintenance access to all settings in the organization. This permission allows the user to configure each settings of the workspace.
- Workspace owner: Grants the ability to perform all the above permissions along with role and user management.
About workspace roles
You can assign people to a variety of workspace-level roles to control your members’ access to your workspace and its resources. Following is more details about the individual permissions included in each role. Owners Workspace owners have complete administrative access to your organization. This role should be limited, but to no less than two people, in your workspace. Administrators Workspace admins have most of the feature access to the organization accept the power to invite or manage roles in a workspace. Managers This role holder can manage teams and the resource access per teams in a workspace along with creating and assigning tickets to individuals. Devsecops Devsecops are the user groups who will be the responsible person to initiate scan, managing the vulnerabilities. Guest or Viewer This group of users only have the view permission. They can not do any sort of modifications or take actions regarding any resource.Permissions for organization roles
Some of the features listed below are limited to workspace using Krait Premium subscription. Learn more about our subscription plans here.| Workspace permission | Owner | Administrator | Manager | DevSecOps | Viewer |
|---|---|---|---|---|---|
| Resource View | ✓ | ✓ | ✓ | ✓ | ✓ |
| Resource Integration | ✓ | ✓ | ✓ | x | x |
| Resource Sync | ✓ | ✓ | ✓ | ✓ | x |
| Resource Delete | ✓ | x | x | x | x |
| Report View | ✓ | ✓ | ✓ | ✓ | ✓ |
| Vulnerability Ingnore | ✓ | ✓ | ✓ | ✓ | x |
| Vulnerability False Positiive | ✓ | ✓ | ✓ | ✓ | x |
| Edit CVSS Score | ✓ | ✓ | ✓ | ✓ | x |
| Create Ticket | ✓ | ✓ | ✓ | x | x |
| Create Team | ✓ | ✓ | ✓ | x | x |
| Modify Team Role | ✓ | ✓ | ✓ | x | x |
| Invite Member | ✓ | x | x | x | x |
| SLA Settings | ✓ | ✓ | x | x | x |
| Scan Frequency | ✓ | ✓ | x | x | x |
| Subscription Information | ✓ | ✓ | ✓ | x | x |
| Credit purchase | ✓ | x | x | x | x |
| Notification Settings | ✓ | ✓ | ✓ | x | x |