Auditor role template

This is a Group-level read-only role: an Auditor can only view certain areas and functions in Snyk and cannot create PRs, Projects, or other resources.

This role can view issues, results of scans, and reports. An Auditor often verifies that there is a scan snapshot for a particular resource or Snyk Project. The Auditor may be external to the company.

Group-level permissions

To create this role, enable the following permissions in the relevant categories:

Group Management

Permission
Enabled?

View Groups

Edit Group details

View Group settings

Edit settings

View Group notification settings

Edit Group notification settings

Organization management

Permission
Enabled?

View Organizations

Edit Organizations

Remove Organizations

AppRisk management

Permission
Enabled?

View AppRisk

Edit AppRisk

Audit Log management

Permission
Enabled?

View Audit Logs

Insights management

Permission
Enabled?

Access Insights

Reports management

Permission
Enabled?

View reports

Security and License Policies

Permission
Enabled?

View Policies

Create Policies

Edit Policies

Delete Policies

User management

Permission
Enabled?

View users

Invite users

Manage users

Add users

Provision users

User Leave

User Remove

Set every permission in each of the remaining categories listed below to disabled:

  • IaC settings management

  • Issue management

  • Request access management

  • Role management

  • Service account management

  • Snyk Apps management

  • Snyk Preview management

  • SSO settings management

  • Tags management

Organization-level permissions

To create this role, enable the following permissions in the relevant categories:

Organization management

Permission
Enabled?

View Organization

Edit Organization

Remove Organization

Audit Log management

Permission
Enabled?

View audit logs

Collection management

Permission
Enabled?

View Collections

Create Collection

Edit Collections

Delete Collections

Container Image management

Permission
Enabled?

View container image

Create container image

Edit container image

Integration management

Permission
Enabled?

View integrations

Edit integrations

Project management

Permission
Enabled?

View Project

Add Project

Edit Project

Edit Project status

Test Project

Move Project

Remove Project

View Project history

Edit Project integrations

Edit Project attributes

View Jira issues

Create Jira issues

Edit Project Tags

Project Ignore management

Permission
Enabled?

View Project Ignores

Create Project Ignores

Edit Project Ignores

Remove Project Ignores

Reports management

Permission
Enabled?

View Organization reports

Snyk Cloud management

Permission
Enabled?

View environments

Create environments

Delete environments

Update environments

View scans

Create scans

View resources

View artifacts

Create artifacts

View Custom Rules

Create Custom Rules

Edit Custom Rules

Delete Custom Rules

Webhook management

Permission
Enabled?

View Outbound Webhooks

Create Outbound Webhooks

Remove Outbound Webhooks

Set every permission in each of the remaining categories listed below to disabled:

  • Billing management

  • Entitlement management

  • Kubernetes Integration management

  • Package management

  • Project pull request management

  • Service account management

  • Snyk Apps management

  • Snyk Preview management

  • User management
