How can I limit role permissions to specific objects or assets?
Security-related permissions and job permissions cannot be limited to certain hosts or assets. For example, a user that has the view or manage job permission is able to view or manage all jobs. Other permissions related to the backup administrator and permissions for the workload administrator can be limited by the object group criteria.
Table: Role permissions and how to use object groups to limit permissions
Permission | Can filter and limit object groups by |
|---|---|
Recover/Restore | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
View Recovery Points | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
Download Files | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
Instant Access | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
Restore Files | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
Manage Protection Plans | Name, description |
View Protection Plans | Name, description |
View audit logs | All logs or no logs |
Manage global security settings | All settings or no settings |
Manage Certificates | All certificates or no certificates |
Manage Jobs | All jobs or no jobs |
View Jobs | All jobs or no jobs |
Manage Appservers and Asset Groups | Protection plans that user can view: Name, description Application servers: Server name, server type |
Manage Assets | Protection plans that user can view and subscribe assets to: Name, description Application servers: Server name, server type |
View Assets | VMware: Display name, VM absolute path Cloud: Display name, vendor, config ID |
Manage Access Rules | All objects or no objects |
View Access Rules | All objects or no objects |