Auditor role template
This is a Group-level read-only role: an Auditor can only view certain areas and functions in Snyk and cannot perform actions such as creating PRs or Projects.
This role can view issues, results of scans, and reports. An Auditor often verifies that there is a scan snapshot for a particular resource or Snyk Project. The Auditor may be external to the company.
Group-level permissions
To create this role, enable the following permissions in the relevant categories:
Group Management
Permission | Enabled? |
---|---|
View Groups | |
Edit Group details | |
View Group settings | |
Edit settings | |
View Group notification settings | |
Edit Group notification settings |
Organization management
Permission | Enabled? |
---|---|
View Organizations | |
Edit Organizations | |
Remove Organizations |
AppRisk management
Permission | Enabled? |
---|---|
View AppRisk | |
Edit AppRisk |
Audit Log management
Permission | Enabled? |
---|---|
View Audit Logs |
Insights management
Permission | Enabled? |
---|---|
Access Insights |
Reports management
Permission | Enabled? |
---|---|
View reports |
Security and License Policies
Permission | Enabled? |
---|---|
View Policies | |
Create Policies | |
Edit Policies | |
Delete Policies |
User management
Permission | Enabled? |
---|---|
View users | |
Invite users | |
Manage users | |
Add users | |
Provision users | |
User Leave | |
User Remove |
The remaining categories of permissions listed below should have all permissions within them set to disabled:
IaC settings management
Issue management
Request access management
Role management
Service account management
Snyk Apps management
Snyk Preview management
SSO settings management
Tags management
Organization-level permissions
To create this role, enable the following permissions in the relevant categories:
Organization management
Permission | Enabled? |
---|---|
View Organization | |
Edit Organization | |
Remove Organization |
Audit Log management
Permission | Enabled? |
---|---|
View audit logs |
Collection management
Permission | Enabled? |
---|---|
View Collections | |
Create Collection | |
Edit Collections | |
Delete Collections |
Container Image management
Permission | Enabled? |
---|---|
View container image | |
Create container image | |
Edit container image |
Integration management
Permission | Enabled? |
---|---|
View integrations | |
Edit integrations |
Project management
Permission | Enabled? |
---|---|
View Project | |
Add Project | |
Edit Project | |
Edit Project status | |
Test Project | |
Move Project | |
Remove Project | |
View Project history | |
Edit Project integrations | |
Edit Project attributes | |
View Jira issues | |
Create Jira issues | |
Edit Project Tags |
Project Ignore management
Permission | Enabled? |
---|---|
View Project Ignores | |
Create Project Ignores | |
Edit Project Ignores | |
Remove Project Ignores |
Reports management
Permission | Enabled? |
---|---|
View Organization reports |
Snyk Cloud management
Permission | Enabled? |
---|---|
View environments | |
Create environments | |
Delete environments | |
Update environments | |
View scans | |
Create scans | |
View resources | |
View artifacts | |
Create artifacts | |
View Custom Rules | |
Create Custom Rules | |
Edit Custom Rules | |
Delete Custom Rules |
Webhook management
Permission | Enabled? |
---|---|
View Outbound Webhooks | |
Create Outbound Webhooks | |
Remove Outbound Webhooks |
The remaining categories of permissions listed below should have all permissions within them set to disabled:
Billing management
Entitlement management
Kubernetes Integration management
Package management
Project pull request management
Service account management
Snyk Apps management
Snyk Preview management
User management