Asset Inventory permissions ↗
Configure Asset Inventory permissions (under Inventory).
Asset Inventory provides comprehensive visibility into organizational assets, such as a unified view of all assets (endpoints, cloud instances, domains, certificates), asset categorization and tagging, asset relationship mapping, and attack surface visibility.
Users access these features by going to → → , where they can view assets such as all Cloud assets, AI assets, API Endpoints, Code assets, Compute assets, and data assets.
For more information, see All Assets.
The Asset Inventory permissions control the ability to view the unified asset landscape and manage overarching asset categorizations and tags.
Permissions | Description | Roles Example |
|---|---|---|
None | Cannot view the Asset Inventory menu from → → . Viewing asset data in cases is limited. | |
View | Read-only access to the Asset Inventory Menu and categories, such as cloud assets, AI assets, API Endpoints, Code assets, Compute assets, and data assets. Users can browse assets but cannot modify tags or assignments. |
|
View/Edit | Full access. Includes all View capabilities plus read and write access to all categories. Users can manage asset tags, annotations, custom properties, and business unit assignments across all asset categories. NoteThe asset inventory is primarily populated dynamically through agents and integrations. The View/Edit permission governs the management of asset metadata (such as assigning tags, setting business units, and modifying annotations) rather than the manual creation of the assets themselves. | Security Engineer: Maintain asset inventory and tags. |