Note: The
posture info API is available as part of one of the following subscription
combinations only:
- PC and API add-on
- PC, SCA, and API add-on
- VMDR, SCA, and API add-on
User permissions required to view compliance posture info are below.
User role |
Permissions |
Manager |
View compliance postures for all hosts (IP addresses) in asset groups assigned to the selected policy. |
Auditor |
View compliance postures for all hosts (IP addresses) in asset groups assigned to the selected policy. |
Unit Manager |
View compliance postures for all hosts (IP addresses) in asset groups assigned to the selected policy, when the hosts are included in the user’s business unit. |
Scanner |
View compliance postures for all hosts (IP addresses) in asset groups assigned to the selected policy, when the hosts are included in the user’s account. |
Reader |
View compliance postures for all hosts (IP addresses) in asset groups assigned to the selected policy, when the hosts are included in the user’s account. |
All users have permission to view posture information for all hosts (IP addresses) in the asset groups assigned to the selected policy provided they have permission to view the hosts themselves. This permission is granted even when users do not have permission to view the asset groups assigned to the policy.
For example, when a user makes a request for compliance posture information for “Policy A” and this policy has one assigned asset group “Hong Kong”, and the user does not have permission to view this asset group, then the user does have permission to view compliance posture info records for all the IP addresses in the asset group “Hong Kong” provided the IP addresses in the group “Hong Kong” are visible to the user.