This feature is available on the StackHawk Enterprise plan.
Users in StackHawk are assigned a Role for access control to functionality and feature visibility.
Role Definitions in StackHawk
- Owner: The highest access level in StackHawk, with access to all functionality.
- Admin: Has all access except Billing.
- Member: Limited access as follows…
- No ability to see or change Organization level settings.
- No ability to add or configure Integrations.
- No ability to invite or modify Users.
- No ability to modify Teams.
- No ability to view or change the configured Scan Policy for any Applications.
- Ability to create, modify and remove Applications on Teams they are assigned to.
- Ability to create, modify and remove Applications not assigned to any Team (unassigned).
Roles are configured in the
Settings -> Users page. In the list of users displayed, a user’s Role can be changed via the dropdown in the Role column.
In general, Roles can’t make changes “above” their rank in the hierarchy. For example, Members don’t have access to the User page, and so they can’t change an Admin or Owner role. However, an Admin does have access to the User Page but can’t change an Owner’s role (but can change Member roles).
- Owner: Can change any other User to and from Owner, Admin or Member.
- Admin: Can change any other Admin or Member to and from Admin and Member.
- Member: Can not change roles for any other User.