You create a custom API access level for your appliance to configure multiple appliances for your organization. To create an access level, you must be a Super Admin. Creating an access level for your appliance is a one-time task.

Procedure

  1. Log in to the Carbon Black Cloud console and navigate to the Settings > API Access > Access Levels tab.
  2. Click Add Access Level and populate the name, and description fields for the custom API access level for your appliance.
    Enter a name that users in your organization can easily identify. You can append the name with the word Appliance.
  3. Select the boxes of the permission functions (CRUDE) and include the following access levels from the Category column.
    1. For the Appliances access level with permission name Send workload assets to CBC, select create.
    2. For the Appliances access level with permission name Appliances registration , select create, read, update, delete.
    3. For the Device access level with permission name Uninstall, select execute.
    4. For the Device access level with permission name Deregistered, select delete.
    5. For the Device access level with permission name Sensor kits, select execute.
    6. For the Device access level with permission name General information, select read.
    7. For the Live Query access level with permission name Manage queries, select create, read, update, delete.
    8. For the Vulnerability access level with permission name Vulnerability Assessment Data, select read, execute.
    9. For the Workload Management access level with permission name View Workloads without sensors, select read.
    10. For the Workload Management access level with permission name Install sensor on vCenter workload, select execute.
    11. For the Workload Management access level with permission name Uninstall sensor on vCenter workload, select execute.
    12. For the Workload Management access level with permission name Manage host module on ESX server, select execute.
    13. For the Workload Management access level with permission name Fetch ESX server details, select read.
  4. To apply the changes, click Save.

What to do next

After you create the access level, use it to generate an API key for your appliance.