AnsweredAssumed Answered

Unit managers can't see Cloud Agent Remediation tickets

Question asked by Brian Humphrey on Jun 26, 2019
  • We have 6 different "business units"
  • I have created a user profile for each business unit that I'm assigning VM Remediation tickets to through the VM->Remediation->Policies configuration page
    • This example the user profile is called  "TicketsProfile1" and the user is placed under the "BU1" business Unit
  • I  login with my Master "Manager" account (ManagerUser) and can see all vulnerability remediation tickets for every business unit. Including tickets that have been created from the "Cloud Agent" scans
  • I login with a test "Unit Manager" account (UnitManager) for our "BU1" business unit and can ONLY see Remediation tickets for assets that have been placed in a static "asset group" for "BU1". This account can't see any Remediation tickets that have been created from the "Cloud Agent" scans

 

Questions

  • Should a unit manager be able to see all remediation tickets for the business unit that they're assigned to?
  • Does an asset group have to be created and assigned to a specific user for the remediation tickets to be seen by the "Unit Manager"?
    • If they do, is there a way to create dynamic asset groups based on tags or something else? We have A LOT of elastic assets that spin up and down every day from our Public clouds. There is no way to create static asset groups from those environments.

Outcomes