Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

back

CTE UserSpace Administration

Permissions

search

Please Note:

Permissions

This section provides the complete list of permissions required by a CipherTrust Manager user to perform create, read, update, and delete operations on CTE resources.

Create Operations

OperationRequired Permissions
Create CTE client• CreateClientCTE
• ReadClientCTE
• ReadProfileCTE
Create STANDARD policy with existing policy elements
and key
• ReadPolicyCTE
• ReadSignatureSetCTE
• ReadUserSetCTE
• ReadProcessSetCTE
• ReadResourceSetCTE
• ReadSecurityRuleCTE
• ReadClientAndResourceMappingReadCTE
• CreatePolicyCTE
• CreateKeyRuleCTE
• ReadKeyMetaCTE
• CreateKeyMetaCTE
• UpdateKeyMetaCTE
• CreateSecurityRuleCTE
• ReadKeyRuleCTE
• ReadKey

Create STANDARD policy with permission to
create policy elements using existing key |• ReadPolicyCTE
• ReadSignatureSetCTE
• ReadUserSetCTE
• ReadProcessSetCTE
• ReadResourceSetCTE
• ReadSecurityRuleCTE
• ReadClientAndResourceMappingReadCTE
• CreatePolicyCTE
• CreateKeyRuleCTE
• ReadKeyMetaCTE
• CreateKeyMetaCTE
• UpdateKeyMetaCTE
• CreateSecurityRuleCTE
• ReadKeyRuleCTE
• ReadKey
• CreateSignatureSetCTE
• CreateUserSetCTE
• CreateProcessSetCTE
• CreateResourceSetCTE

Create client group |• CreateProfileCTE
• ReadProfileCTE
• CreateClientGroupCTE
• ReadClientGroupCTE Create signature set superset |• CreateSignatureSetCTE
• ReadSignatureSetCTE
• ReadClientCTE
• CreateSignatureCTE
• ReadSignatureCTE Create user set superset |• CreateUserSetCTE
• ReadUserSetCTE
• ReadClientCTE Create process set superset |• CreateProcessSetCTE
• ReadProcessSetCTE
• CreateProcessSetSignatureSetAssociationCTE
• CreateSignatureSetCTE
• ReadSignatureSetCTE
• ReadClientCTE
• CreateSignatureCTE
• ReadSignatureCTE Create resource set |• CreateResourceSetCTE
• ReadResourceSetCTE
• ReadClientCTE Create CTE profile |• CreateProfileCTE
• ReadProfileCTE

Create client group - client association |• CreateClientCTE
• ReadClientCTE
• UpdateClientCTE
• CreateClientGroupCTE
• ReadClientGroupCTE
• UpdateClientGroupCTE
• CreateClientGroupClientAssociationCTE
• ReadClientGroupClientAssociationCTE
• UpdateClientGroupClientAssociationCTE

Update Operations

OperationRequired Permissions
Update unregistered client
Enable capabilities
Reset CTE client password
• ReadClientCTE
• UpdateClientCTE
Update authentication binaries for client
and client group
• ReadClientCTE
• UpdateClientCTE
• ReadClientGroupCTE
• UpdateClientGroupCTE
Update CTE policy• ReadPolicyCTE
• ReadSignatureSetCTE
• ReadUserSetCTE
• ReadProcessSetCTE
• ReadResourceSetCTE
• ReadSecurityRuleCTE
• ReadClientAndResourceMappingReadCTE
• CreatePolicyCTE
• CreateKeyRuleCTE
• ReadKeyMetaCTE
• CreateKeyMetaCTE
• UpdateKeyMetaCTE
• CreateSecurityRuleCTE
• ReadKeyRuleCTE
• ReadKey
• UpdatePolicyCTE
• UpdateKeyRuleCTE
• UpdateSecurityRuleCTE
Update client group• ReadClientCTE
• UpdateClientCTE
• ReadClientGroupCTE
• UpdateClientGroupCTE
• CreateClientGroupClientAssociationCTE
• ReadClientGroupClientAssociationCTE
• UpdateClientGroupClientAssociationCTE
Update signature set• ReadSignatureSetCTE
• ReadClientCTE
• CreateSignatureCTE
• ReadSignatureCTE
• UpdateSignatureSetCTE
• UpdateSignatureCTE
• ReadClientAndResourceMappingReadCTE
Update user set• ReadUserSetCTE
• UpdateUserSetCTE
• ReadClientCTE
• ReadClientAndResourceMappingReadCTE
• ReadClientCTE
Update process set• ReadCTEProcessSet
• UpdateCTEProcessSet
• CreateCTEProcessSetSignatureSetAssociation
• ReadCTEClientAndResourceMappingRead
• ReadClientCTE
Update resource set• ReadResourceSetCTE
• UpdateResourceSetCTE
• ReadClientCTE
• ReadCTEClientAndResourceMappingRead
Update client profile• ReadProfileCTE
• UpdateProfileCTE

Read Operations

OperationRequired Permissions
Read CTE client• ReadClientCTE
Read CTE client and its profile• ReadClientCTE
• ReadProfileCTE
Read CTE policy• ReadPolicyCTE
• ReadCTEClientAndResourceMappingRead
• ReadUserSetCTE
• ReadProcessSetCTE
• ReadResourceSet
• ReadSecurityRuleCTE
• ReadKeyRuleCTE
Read client group• ReadClientGroupCTE
Read client group and its profile• ReadClientGroupCTE
• ReadProfileCTE
Get client group - client association• ReadClientCTE
• ReadClientGroupCTE
• ReadClientGroupClientAssociationCTE
Read signature set• ReadSignatureSetCTE
Read user set• ReadUserSetCTE
Read process set• ReadProcessSetCTE
Read resource set• ReadResourceSetCTE
Read signature• ReadSignatureCTE
Read CTE profile• ReadProfileCTE

Read all reports |• ReadClientsReportCTE
• ReadClientsKeysReportCTE
• ReadClientsProfileReportCTE
• ReadClientsGuardStatusReportCTE
• ReadPolicyKeysReportCTE
• ReadClientsPoliciesReportCTE
• ReadGuardPointsReportCTE

Delete Operations

OperationRequired Permissions
Delete CTE client• ReadClientCTE
• DeleteClientCTE
• ReadClientGroupClientAssociationCTE
Unenroll CTE client• ReadClientCTE
• UpdateClientCTE
• ReadClientsPoliciesReportCTE
Delete CTE policy• DeletePolicyCTE
• ReadPolicyCTE
Delete client group• ReadClientGroupCTE
• DeleteClientGroupCTE
Delete signature set• ReadSignatureSetCTE
• DeleteSignatureSetCTE
Delete user set• ReadUserSetCTE
• DeleteUserSetCTE
Delete process set• ReadProcessSetCTE
• DeleteProcessSetCTE
Delete resource set• ReadResourceSetCTE
• DeleteResourceSetCTE
Delete CTE profile• ReadProfileCTE
• DeleteProfileCTE