Configuration Compliance - Read Roles
02-13-2025 07:56 AM
Similar to our Vulnerability Response implementation, we want our teams that fix misconfigurations to only see the misconfigurations assigned to their Assignment Group. I assumed (incorrectly) that adding the sn_vulc.remediation_owner role would allow them to do that (as this is what happens in VR for sn_vul.remediation_owner).
After further examination, the sn_vulc.remediation_owner role is pretty bare. And it is missing the role that is important from VR sn_vul.remediation_owner; the role it is missing is the 'read_assigned' role (sn_vul.read_assigned). However, there is no equivalent for Config Compliance; that is, there is no sn_vulc.read_assigned role.
So how do we ensure remediators see only the misconfigurations that are assigned to their team?
Thanks for your help.
02-14-2025 06:17 AM
In a related question, we have an "analyst" role which gives read-only access to certain folks in our sister teams. We uncovered some issues the other day whereby they were lacking visibility into certain data items. Has anyone else had a similar experience? I would expect read-only "sn_vulc.read" to be for all data elements in CC, regardless of assignment.