Role elevation workflow
Here is the workflow for role elevation in NetBackup:
Table:
Step | Description |
|---|---|
Step 1 | Administrator identifies NetBackup operations that may require temporary elevated privileges. Typical examples include configuration updates, device or media operations, and critical security tasks. |
Step 2 | Administrator assigns a user to a base role using RBAC UI. |
Step 3 | Administrator configures role elevation mappings to specify the roles to which the base role can be elevated during role elevation of the user. |
Step 4 | User requests role elevation for a certain operation and multiperson authorization (MPA) ticket is created. |
Step 5 | MPA approver reviews and approves the ticket. |
Step 6 | User signs in again and performs the required operation with the elevated role. |
Step 7 | After the operation is performed with an elevated role, user de-elevates the role or after the specified duration, NetBackup automatically de-elevates the role and all the elevated log-in sessions See De-elevate roles. User signs in again to go back to the base role. |