Auditor role template

This is a Group-level read-only role, meaning an Auditor can only view certain areas and functions in Snyk and cannot create PRs, Projects, and more.

This role can view issues, results of scans, and reports. An Auditor often verifies that there is a scan snapshot for a particular resource or Snyk Project. The Auditor may be external to the company.

Group-level permissions

To create this role, enable the following permissions in the relevant categories:

Group Management

PermissionEnabled?

View Groups

Edit Group details

View Group settings

Edit settings

View Group notification settings

Edit Group notification settings

Organization management

PermissionEnabled?

View Organizations

Edit Organizations

Remove Organizations

AppRisk management

PermissionEnabled?

View AppRisk

Edit AppRisk

Audit Log management

PermissionEnabled?

View Audit Logs

Insights management

PermissionEnabled?

Access Insights

Reports management

PermissionEnabled?

View reports

Security and License Policies

PermissionEnabled?

View Policies

Create Policies

Edit Policies

Delete Policies

User management

PermissionEnabled?

View users

Invite users

Manage users

Add users

Provision users

User Leave

User Remove

The remaining categories of permissions listed below should have all permissions within them set to disabled:

  • IaC settings management

  • Issue management

  • Request access management

  • Role management

  • Service account management

  • Snyk Apps management

  • Snyk Preview management

  • SSO settings management

  • Tags management

Organization-level permissions

To create this role, enable the following permissions in the relevant categories:

Organization management

PermissionEnabled?

View Organization

Edit Organization

Remove Organization

Audit Log management

PermissionEnabled?

View audit logs

Collection management

PermissionEnabled?

View Collections

Create Collection

Edit Collections

Delete Collections

Container Image management

PermissionEnabled?

View container image

Create container image

Edit container image

Integration management

PermissionEnabled?

View integrations

Edit integrations

Project management

PermissionEnabled?

View Project

Add Project

Edit Project

Edit Project status

Test Project

Move Project

Remove Project

View Project history

Edit Project integrations

Edit Project attributes

View Jira issues

Create Jira issues

Edit Project Tags

Project Ignore management

PermissionEnabled?

View Project Ignores

Create Project Ignores

Edit Project Ignores

Remove Project Ignores

Reports management

PermissionEnabled?

View Organization reports

Snyk Cloud management

PermissionEnabled?

View environments

Create environments

Delete environments

Update environments

View scans

Create scans

View resources

View artifacts

Create artifacts

View Custom Rules

Create Custom Rules

Edit Custom Rules

Delete Custom Rules

Webhook management

PermissionEnabled?

View Outbound Webhooks

Create Outbound Webhooks

Remove Outbound Webhooks

The remaining categories of permissions listed below should have all permissions within them set to disabled:

  • Billing management

  • Entitlement management

  • Kubernetes Integration management

  • Package management

  • Project pull request management

  • Service account management

  • Snyk Apps management

  • Snyk Preview management

  • User management

Last updated

More information

Snyk privacy policy

© 2024 Snyk Limited | All product and company names and logos are trademarks of their respective owners.