Security Groups

APM provides three security groups to which you can assign users:

  • APM User. The APM User creates and manages his own application entities, responds to surveys or requests for more information, and uses portlets to view application data. See Application Portfolio Management User's Guide for more information about the APM user's role.

  • APM Analyst. The APM Analyst has all the abilities of an APM User and can create and manage any APM entity, analyze applications using application sets, portlets, reports, graphing, and groupings, import and export entity data, and define portlets. See Application Portfolio Management Analyst's Guide for more information about the APM analyst's role.

  • APM Administrator. The APM Administrator installs, sets up, and maintains APM, defines users, customizes fields and validations for entities, and can create customized entities, data sources, workflows, validations, report types, and security groups. See The Role of the APM Administrator for more information about the APM administrator's role.

Note: Any user's ability can be affected by the roles assigned to the user and any entity-level or field-level settings assigned to the user.

Table 3-2. APM security group access grants shows the access grants assigned to each APM security group. For a description of PPM access grants, see Security Model Guide and Reference. For a description of APM-specific access grants, see Access Grants.

Note: View access grants provide read-only access to screens and entities. Users who do not have a view access grant cannot see certain workbenches and windows.

Edit access grants typically enable a user to view, create, modify, and delete entities. For example, if you have the Edit Requests access grant, you can delete requests that you have created.

Table 3-2. APM security group access grants

Category

Access Grant Name

Security Groups

APMUser

APM Analyst

APM Administrator

Config

Edit Report Types

    ü

Config

Edit Validation Values

    ü

Config

Edit Validations

    ü

Config

View Notification Templates

    ü

Config

View Report Types

    ü

Config

View Special Commands

    ü

Config

View User Data

    ü

Config

View Validations

    ü

Config

View Workflows

    ü

Demand Mgmt

Access Request Query Builder

ü

ü

ü

Demand Mgmt

Edit Request Header Types

    ü

Demand Mgmt

Edit Request Types

    ü

Demand Mgmt

Edit Requests

ü

ü ü

Demand Mgmt

View Request Header Types

  ü  

Demand Mgmt

View Request Types

  ü  

Demand Mgmt

View Requests

ü

ü  

Deployment Mgmt

View Packages

   

ü

Financial Mgmt

Edit Actuals on Financial Summary

ü ü  

Financial Mgmt

Edit Approved Budget

ü ü  

Financial Mgmt

Edit Cost Security

ü ü

ü

Financial Mgmt

Edit Financial Benefits

ü ü  

Financial Mgmt

Edit Forecasts on Financial Summary

ü ü  

Financial Mgmt

Set a Financial Summary Snapshot as the Plan of Record

ü ü  

Financial Mgmt

View Costs on Financial Summary

ü ü  

Financial Mgmt

View Financial Benefits

ü ü  

Portfolio Mgmt

Assess Application Portfolio

  ü ü

Sys Admin

Configure Modules

    ü

Sys Admin

Distribute Modules

    ü

Sys Admin

Edit Security Groups

    ü

Sys Admin

Edit Users

    ü

Sys Admin

Manage Translations

    ü

Sys Admin

Server Administrator

    ü

Sys Admin

Server Tools: Execute Admin Tools

    ü

Sys Admin

Server Tools: Execute SQL Runner

    ü

Sys Admin

View Security Groups

    ü

Sys Admin

View Server Tools

    ü

Sys Admin

View Users

    ü

System

Edit All Reports

    ü

System

Edit Portlet Definition

  ü ü

System

Import Data

  ü ü

System

Open Workbench

    ü

System

Ownership Override

    ü

System

Submit Reports

  ü ü

System

View Portlet Definition

  ü ü