# Configuration Management Security Role: Forms Tab

{% hint style="info" %}

### Before you start

**Forms** must be selected in the [System Settings](https://docs.alemba.com/asm/asm-hermes/setup-and-configure-asm/configuring-your-system/system-administration-settings/system-settings-menu/system-settings) window to enable the tab.

You must have **Security Roles setup** selected in the Admin tab of your own **General Access security role** before you can assign or remove permissions for any security roles.
{% endhint %}

1. Display the Configuration Management Security Roles details window, if it is not already on screen.
2. Assign the global permissions for the security role:

<table data-header-hidden><thead><tr><th width="267"></th><th></th></tr></thead><tbody><tr><td>Disable CMDB Security</td><td>Analysts with this role have unlimited access to the CMDB, including the <strong>External Resource Search</strong>and <strong>Federated CMDB Admin</strong> options. Select this option to effectively turning off the granular security system for access to the CMDB. All CMDB items will open in edit mode, regardless of other permissions. Leave this deselected to assign specific permissions to the role.</td></tr><tr><td>External Resource Search</td><td>Analysts with this role can search for CMDB items from the External Resources Search window. Analysts with this permission are restricted to a <strong>Cached Resource Search</strong> so searches can only return CMDB details that have been imported and not excluded from the Federated CMDB. This option also allows Analysts to view external resource data via the Linked Resources option.</td></tr><tr><td>Federated CMDB Admin</td><td><p>Analysts with this role can import CMDB Items from the External Resource Search window. They can also perform a <strong>Full Resource Search</strong>to search for Item Details within the CMDB which have not been imported into ASM Core, access the <strong>Federated CMDB Administration</strong> windows and access and process Discrepancy Reports through the CMDB Item Details Explorer option of the same name. </p><p>This option is only enabled if <strong>External Resource Search</strong> is selected.</p></td></tr></tbody></table>

1. Select the **Forms** tab
2. Select **Form Security**. Analysts with this role will be able to edit all CMDB forms selected for the role. If you deselect **Form Security**, the role will have access to all CMDB forms and the options below will be grayed out.
3. To make a form available to the role, select it from the **Available Forms** table, and then select ![](https://alemba.help/help/10.0/content/resources/images/add%20word%20button_49x25.png) to see it appear in the lower **Selected List** table.
4. To set the access type for the form, click in the **Access** column for the form and select the access from the drop-down list. **Read Only** enables Analysts to view the forms and **Read/Write** allows Analysts with this role to open and edit forms of the selected type.
5. To remove a form, select it in the **Selected List** table and the select ![](https://alemba.help/help/10.0/content/resources/images/remove%20word%20button_59x26.png).
6. Select  ![](https://alemba.help/help/10.0/content/resources/images/save%20and%20close%20button.png) to save the changes and close the window. Provide the [Change Reasons](https://alemba.help/help/10.0/content/topics/general%20topics/change%20reasons.htm) if prompted to do so. Alternatively, select another tab, if appropriate.