Permission Types

Roles define the actions that can be performed on the resources defined in a resource group. While a resource group defines the resources that will be made available to an account, a role sets the permissions to interact with the resources defined in the resource group. For example, if a resource group is created that includes IBM Spectrum Protect Plus Backup and Restore jobs, the role will determine how a user can interact with the jobs. Permissions can be set to allow a user to create, view, and run the Backup and Restore jobs defined in a resource group, but not delete them. Similarly, permissions can be set to create administrator accounts, allowing a user to create and edit other accounts, set up sites and resources, and interact with all of the available IBM Spectrum Protect Plus features.

The following permissions are available.

Name Permissions Description
Application View Used to view individual application databases on an application server in IBM Spectrum Protect Plus.
Application Server Register, view, edit, deregister Used to interact with application servers, such as SQL or Oracle servers, without access to individual databases.
Hypervisor Register, view, edit, deregister, options Used to interact with hypervisor virtual machines, such as VMware or Hyper-V virtual machines.
Identity Create, view, edit, delete Used to interact with the credentials required to access your resources. Identity functionality is available through the Accounts > Identities pane.
LDAP Register, view, edit, deregister Used to interact with LDAP servers for user registration.
Log View Used to view Audit and System logs.
Job Create, view, edit, run, delete Used to interact with Inventory, Backup, and Restore jobs.
VADP Proxy Register, view, edit, deregister Used to interact with VADP Proxy servers.
Report Create, view, edit, delete Used to interact with reports.
Resource Group Create, view, edit, delete Used to interact with resource groups, which define the IBM Spectrum Protect Plus resources that will be made available to a user.
Role Create, view, edit, delete Used to interact with roles, which define the actions that can be performed on the resources defined in a resource group.
Script Upload, view, replace, delete Used to interact with prescripts and postscripts that are added to IBM Spectrum Protect Plus and run before or after a job.
Site Create, view, edit, delete Used to interact with sites, which are assigned to vSnap backup storage servers.
SMTP Register, view, edit, deregister Used to interact with SMTP servers for job notifications.
Storage Register, view, edit, deregister Used to interact with vSnap backup storage servers.
SLA Policy Create, view, edit, delete Used to interact with SLA Policies, which allow users to create customized templates for Backup jobs.
User Create, view, edit, delete Used to interact with users, which associated a resource group with a role, and provides access to the IBM Spectrum Protect Plus user interface.

RELATED TOPICS:

 


IBM Spectrum Protect Plus 10.1.2

Licensed Material - Property of IBM Corp. © IBM Corporation and other(s) 2018. IBM is a registered trademark of the IBM Corporation in the United States, other countries, or both. | 8/23/2018