User Roles

The User Roles screen provides a list of all default user roles and all custom user roles that you can assign to user accounts. User roles define which areas of the Apex Central web console a user can access and control. You can use this screen to create and edit custom Apex Central user roles.


If a custom user role in a previous Apex Central version has permissions to Policy Management menu items, the role will have full control permissions after upgrading to the current release. You can change the permissions to "Maintain" or "Read-only". When upgrading from a Apex Central version that does not include Policy Management, custom user roles have no permissions to manage or view Policy Management features until you choose to modify the role settings.

  • Only the <Root> account created during installation, or user accounts that have been assigned the Administrator or Administrator and DLP Compliance Officer user role, can create new user accounts and assign user roles.

  • The access rights defined for a user role take precedence over the managed product/folder access rights that you configure for individual user accounts.

    For more information, see Managed Product Access Control.

The following table outlines the tasks available on the User Roles screen.



Add user roles

Click Add to create a new custom user role.

For more information, see Adding a User Role.

Delete user roles

Select the check box next the Name of an custom user role and click Delete to permanently remove the role.


You cannot delete any of the default user roles provided by Trend Micro Apex Centralâ„¢.

Edit user roles

Click the Name of a user role to edit or view assigned access rights.

For more information, see Editing a User Role.


You cannot edit any of the default user roles provided by Trend Micro Apex Centralâ„¢.

For more information about the default user roles, see Default User Roles.