Role permissions settings
Certificates
| Certificate | Description |
|---|---|
| Add from file | Allows installing certificates on the unit. |
| Add from CA (FNMT) | Allows performing operations related to FNMT. |
| Edit | Allows users to: |
| Replace | Grants permission to replace certificates. |
| Delete | Allows deleting a certificate along with its associated private key. This action is permanent. |
| Manage owner | Allows editing or assigning an owner to a certificate. Owners can use the certificate, overriding all policies. |
| Firmaprofesional | Description |
|---|---|
| Issue from Firmaprofesional | Grants permission to use the API to request and consolidate certificates on the server. The generated certificates will be assigned to the groups defined in the role. |
| Download Firmaprofesional certificate | Allows certificate holders to download a copy of their certificate from the personal area. Each certificate can be downloaded once. |
| Allow operator copy | Allows users to obtain a backup copy of the certificate. |
| Pending | Description |
|---|---|
| Install | Allows users to upload personal certificates for later activation. |
| Delete | Grants permission to delete activation-pending certificates. |
| CA | Description |
|---|---|
| Install | Grants users permission to install CA certificates on the unit. |
| Delete | Allows users to delete CA certificates. |
| Description | |
|---|---|
| Install | Allows users to install email certificates on the unit. |
| Delete | Grants permission to delete email certificates. |
| Alerts | Description |
|---|---|
| View | Grants users permission to view any configured certificate alerts. |
| Create | Allows users to create certificate alerts. |
| Edit | Allow users to edit any already created certificate alerts. |
| Delete | Grants users permission to delete any already created certificate alerts. |
Policies
| Section | Permissions | Description |
|---|---|---|
| User Policies | View, Edit, Delete, and Create | Allows to view, edit, delete, and create policies. |
| Websites | View, Edit, Delete, and Create | Grants permission to view, edit, delete, and create site groups. |
| Applications | View, Edit, Delete, and Create | Grants permission to view, edit, delete, and create application groups. |
tip
For these settings to be applicable, the user's role must also be assigned to the policy. For more information, see Policy operations.
Events
| Section | Description |
|---|---|
| Users | Allows users to see events related to other users within the domain scoped by this role. |
| Certificates | Grants permission to view events related to certificates in the certificate group assigned to this role. |
| Policies | Allows users to view events related to policies assigned to this role. |
| All | Grants permission to view all event logs. |
Access
| Domain Users | Description |
|---|---|
| View | Allows users to view domain settings and users. |
| Edit | Grants users permission to edit domain settings and users. |
System
| Section | Permissions | Description |
|---|---|---|
| Services** | View and Edit | Allows users to view and edit the Services tab in the System section. |
| External Log Services | View and Edit | Grants users permission to view and edit external log services configuration. |
| High Availability | View and Edit | Grants users permission to view and edit the HA tab in the System section. |
| System Log | View | Allows users to view the audit list tab in the Events section. |
Unit
| Section | Description |
|---|---|
| View | Allows users to view system configuration (Unit, Server configuration, and Agent configuration tabs). |
| Edit | Grants permission to view and edit system configuration (Unit, Server configuration, and Agent configuration tabs). |
| Server Logs | Description |
|---|---|
| Download | Allows users to download server logs. |
| Network | Description |
|---|---|
| View | Grants users permission to view the server's network configuration and service ports. |
| Edit | Allows users to view and edit the server's network configuration and service ports. |
| Backup | Description |
|---|---|
| Generate | Grants users permission to generate a backup copy of the server database. |
| Restore | Allows users to restore a backup copy of the server database. |
| Maintenance | Description |
|---|---|
| Upgrade/Downgrade | Enables users to upgrade the server version or revert to a previous version. |
| Restart/Shutdown | Grants users permission to manage server restart and shutdown operations from the admin console. |
Agents
| Section | Description |
|---|---|
| Manage | Grants users permission to view the Agent Management tab in the System section. |
| Update Packages | Allows users to view the Agent Updates tab in the System section. |