Access to AppSec rules is controlled by the permission level assigned to each role. When configuring a role, select one of the following permission levels for AppSec Rules:

| Permission level | Description |
|---|---|
| None | No access to AppSec rules. The AppSec Rules page is not visible. |
| View | Read-only access. View detection rules, rule details, rule labels, and related issues. Filter and sort the rules table. Cannot create, modify, clone, delete, or enable/disable rules. |
| View/Edit | Full access. View, create, modify, clone, delete, and enable or disable detection rules. Modify labels on both OOTB and custom rules. Access the AppSec Rules Wizard to author custom rule definitions. |

The following out-of-the-box roles include AppSec Rules permissions:

| Role | Permission level | Description |
|---|---|---|
| AppSec Admin | View/Edit | Full access to create, modify, clone, delete, and enable or disable detection rules. |
| Developer | View | Read-only access to view detection rules and rule details. Cannot create, modify, or delete rules. |

Custom roles: To grant AppSec Rules access to a custom role, navigate to → and select the appropriate permission level.
Note
Custom roles can be configured with either View or View/Edit permissions for AppSec rules.
API keys inherit the permissions of the role assigned during key generation. To perform write operations (create, modify, delete) through the AppSec rules API, the API key must have a role that includes View/Edit permissions.