Skip to main content

Lead (AS)

The DigiCert® Software Trust Manager Lead is the highest account scope (AS) role. Assign this role to users responsible for managing cryptographic assets, enforcing policies, monitoring compliance for users in the account.

Permissions

The Software Trust Manager Lead role has the following permissions assigned:

Category	Permission	Description
User settings	Default	User can view their own user profile and generate their own API key and client authentication certificate in DigiCert ONE.
Account settings	Manage account settings	User can update DigiCert® Software Trust Manager > Accounts > Account settings.
	Manage CertCentral API key	User can delete, disable, enable, setup, update and validate a CertCentral API key.
	View license	User can view licenses for the account.
Teams	Manage all teams	User can: Create new teams. View, update, deactivate, delete, and map resources to existing teams.
Audit logs	View audit log	User can view audit and signature logs in the account.
Audit logs	Export audit logs	User can export audit logs in the account.
Certificates	Manage certificate hierarchy	User can create, update, approve, reject, suspend, unsuspend, and view certificate hierarchies.
	Manage certificate profiles	User can: Create, update, enable, disable, and delete certificate profiles. Update and delete certificates.
	View certificate profile	User can view certificate profile details in the account.
	View certificate template	User can view certificate template details in the account.
	Generate certificate	User can create a new certificate.
	Import certificate	User can import certificates into the account.
	Revoke certificate	User can revoke certificates in the account.
	View certificate	User can view certificate details in the account.
Keypairs	Request keypair export	User can request to export keypairs.
	Approve keypair export	User can approve requests to export keypairs.
	Approve keypair delete	User can approve requests to delete keypairs.
	Import keypair	User can import keypairs into the account.
	Generate keypair	User can create a new keypair.
	View keypair	User can view keypair details in the account.
	Manage keypair	User can: Update, suspend or unsuspend keypairs. Create, update, enable, and disable keypair profiles. Create and update user groups. Create, update, and refresh key rotation. Generate a CSR
	Manage master keypair	User can: Create GPG master key Update, import, delete, generate, revoke, suspend, unsuspend a master key. Create subkeys.
Signatures	Sign	User can sign.
Releases	View release windows	User can view releases in the account.
	Request release	User can request to create an offline release.
	Approve release window	User can approve requests to create offline releases.
Threat detection	Manage Threat detection	User can view and download threat detection scans in the account.

En esta sección: