Decouple Compliance View from the Action Permission for Scan Devices button

Decouple Compliance View from the Action Permission for Scan Devices button

0 Votes

We are on 10.23 version. We have a large number (~70) of software policies (containing > 20K rpms) attached to our Linux servers and users are normally checking server compliance via SA. 

A few weeks ago a non-admin user checked the Compliance view, and pressed “scan devices” for all managed servers, that started a huge job on the mesh that lead to mesh outage due to the Compliance SQL query.

 

This is an enhancement request to ask for the following permissions combination:

-a user should be able to see compliance data but not have the ability to scan devices.

 

Microfocus support performed an intensive test on SA 10.2 10.5 and 10.6 and under each circumstances both compliance view on software policies and scan button are associated.

 

For instance if we add a user only to OOTB "compliance auditors" user group, by default as you can see below we can see software policy compliance and “scan devices” is enabled. (screenshot below)

 ScanDevices.png

If you change Manage software policies permission from read to NO, then both compliance and scan button are missing (expected); screenshot below.

ScanMissing.png

This enhancement is to decouple the 2 things:

 

--software policy compliance view

--scan button for software policies

Note: This is only for 10.23 as I understand that the calculation of compliance is totally overhauled in 10.5+ whereby only the installed server packages are checked, instead of checking all those that are attached via SW policies. 

1 Comment
Micro Focus Expert
Micro Focus Expert
Status changed to: Waiting for Votes

The idea has received an initial review to ensure adherence to our idea submission and community guidelines. More information may be needed at this stage and we expect the community to help prioritize the idea with comments and community support (votes/kudos).

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.