How to create a WAS only user

Document created by Parag Baxi on Oct 23, 2013Last modified by Parag Baxi on Oct 23, 2013
Version 2Show Document
  • View in full screen mode

How to create a WAS only user that does not have access to any VM data for the purpose of maintaining least privileges.



  1. Create an asset group with 0 IPs and call it "WAS only".
  2. Assign the user Reader role.
  3. On the Asset Groups tab, assign the user the "WAS only" asset group.
    image (1).png
  4. On the Permissions tab, enable the following checkboxes
    image (2).png
    1. Manage VM module
    2. Manage web applications
    3. Create web applications
  5. Select the WAS module.
  6. Select the Administration module at the bottom.
    download (4).png
  7. In the Administration Module, edit the WAS only user.
  8. In the Roles & Scopes tab, uncheck the Allow user full permissions and scope box.
  9. Assign the appropriate WAS only role -- note these roles will may to be created first.
    QualysGuard Portal.png