Trust Lifecycle Manager user roles

Assign one or more roles to a Trust Lifecycle Manager user when you add or update the user.

Account roles for standard and service users

The following user roles are available in your account:

Manager

Account setup and some day-to-day activities including inventory management and configuration of certificate profiles, integrations/connectors, admin contact details, and reports.

Category	Permission	User can
Profiles & templates	Manage enrollment	Manage certificate enrollments.
	Manage profile	Manage certificate profiles.
	Manage template	Manage certificate templates.
Certificate management	Manage create	Enroll certificates.
	Manage import	Import certificates from external CAs.
	Manage certificate	Manage certificates.
	Manage recover	Recover escrowed certificates.
	Manage renew	Renew certificates.
	Manage resume	Re-enable suspended certificates.
	Manage revoke	Revoke certificates.
	Manage suspend	Temporarily disable certificates.
General	Manage automation	Manage certificate lifecycle automation activities/features.
	Manage business units	Manage business units.
	Manage certificate owners	Manage certificate owners.
	Manage connectors	Manage connectors.
	Manage licensed seats	Manage seat allocations to business units.
	Manage network scans	Manage network scans.
	Manage report	Manage reports.
	Manage seats	Manage seats.
	Manage system scans	Manage system scans.
	View license	View available seat licenses in Account Manager.
	View logs	View audit logs.
	View SSP Portal config	View the self-service portal.

User and certificate manager

Manage seats, enrollments, certificates, and reports.

Category	Permission	User can
Profiles & templates	Manage enrollment	Manage certificate enrollments.
	View profile	View certificate profiles.
	View template	View certificate templates.
Certificate management	Manage create	Enroll certificates.
	Manage certificate	Manage certificates.
	Manage renew	Renew certificates.
	Manage resume	Re-enable suspended certificates.
	Manage revoke	Revoke certificates.
	Manage suspend	Temporarily disable certificates.
General	Manage licensed seats	Manage seat allocations to business units.
	Manage report	Manage reports.
	Manage seats	Manage seats.
	View business units	View business units.
	View connectors	View connectors.
	View logs	View audit logs.

Infrastructure admin

View and manage client tools.

Category	Permission	User can
General	Manage client tools	Manage client tools.
General	View client tools	View client tools.

Reporting admin

View and manage reports.

Category	Permission	Users can
General	Manage report	Manage reports.
	View certificate owners	View certificate owners.
	View report	View reports.

Recovery manager

Recover escrowed certificates.

Category	Permission	Users can
Certificate management	Manage recover	Recover escrowed certificates.
General	Manage seats	Manage seats.
	View business units	View business units.
	View licensed seats	View seat allocations to business units.
	View logs	View audit logs.

Import manager

Import certificates from external CAs.

Category	Permission	Users can
Certificate management	Manage import	Import certificates from external CAs.
General	Manage seats	Manage seats.
	View business units	View business units.
	View licensed seats	View seat allocations to business units.
	View logs	View audit logs.

Certificate profile manager

Create and manage certificate profiles.

Category	Permission	Users can
Profiles & templates	Manage profile	Manage certificate profiles.
Profiles & templates	Manage template	Manage certificate templates.
General	View business units	View business units.
General	View logs	View audit logs.

Certificate owners manager

This user role only contains the Manage certificate owners permission to allow the user to view and manage certificate owners.

SSP manager

This user role only contains the Manage SSP Portal config permission to allow the user to configure the self-service portal.

Custom attribute manager

This user role contains the Manage custom attributes permission to allow users to view and manage custom attributes.

CMDB Integration Config Manager

This user role contains the Manage CMDB Integration config permission to allow users to add and manage ServiceNow CMDB connectors.

View only

Read-only access to account data.

Category	Permission	Users can
Profiles & templates	View enrollment	View certificate enrollments.
	View profile	View certificate profiles.
	View template	View certificate templates.
Certificate management	View certificate	View certificates and certificate details.
General	View business units	View business units.
	View certificate owners	View certificate owners.
	View connectors	View connectors.
	View custom attributes	View custom attributes.
	View license	View available seat licenses in Account Manager.
	View licensed seats	View seat allocations to business units.
	View logs	View audit logs.
	View report	View reports.
	View seats	View seats.
	View SSP Portal config	View the self-service portal.

System roles for on-premises administration

For on-premises customers, these roles are available for system administration.

Technical support

Read-only access to account data for technical support purposes.

Category	Permission	User can
Profiles & templates	View enrollment	View certificate enrollments.
	View profile	View certificate profiles.
	View template	View certificate templates.
Certificate management	View certificate	View certificates and certificate details.
General	View app health	View app health (API).
	View audit logs	View audit logs.
	View business units	View business units.
	View business unit seat allocation	View seat allocations to business units.
	View certificate owners	View certificate owners.
	View CMDB Integration config	View ServiceNow connectors.
	View connectors	View connectors.
	View custom attributes	View custom attributes.
	View report	View reports.
	View seats	View seats.
	View SSP Portal config	View the self-service portal.

Read only

Read-only access to user and account setup data.

Category	Permission	User can
Profiles & templates	View enrollment	View certificate enrollments.
	View profile	View certificate profiles.
	View template	View certificate templates.
Certificate management	View certificate	View certificates and certificate details.
General	View app health	View app health (API).
	View audit logs	View audit logs.
	View business units	View business units.
	View business unit seat allocation	View seat allocations to business units.
	View certificate owners	View certificate owners.
	View CMDB Integration config	View ServiceNow connectors.
	View connectors	View connectors.
	View custom attributes	View custom attributes.
	View report	View reports.
	View seats	View seats.
	View SSP Portal config	View the self-service portal.

TLM admin

Superadmin responsible for managing Trust Lifecycle Manager users, accounts, and workflows.

Category	Permission	User can
Profiles & templates	Manage template	Manage certificate templates.
	View enrollment	View certificate enrollments.
	View profile	View certificate profiles.
Certificate management	Manage resume	Re-enable suspended certificates.
Certificate management	Manage suspend	Temporarily disable certificates.
General	Manage business units	Manage business units.
	Manage licensed seats	Manage seat allocations to business units.
	Manage report	Manage reports.
	View app health	View app health (API).
	View audit logs	View audit logs.
	View business units	View business units.
	View business unit seat allocation	View seat allocations to business units.
	View certificate owners	View certificate owners.
	View CMDB Integration config	View ServiceNow connectors.
	View connectors	View connectors.
	View custom attributes	View custom attributes.
	View network scans	View network scans.
	View seats	View seats.
	View SSP Portal config	View the self-service portal.
	View system scans	View system scans.

Trust Lifecycle Manager user roles

Account roles for standard and service users

System roles for on-premises administration

검색 결과