System-provided roles and associated privileges lists the privileges that
PowerProtect Data Manager Appliance associates with each integrated role. For each privilege, the following tables identify the specific tasks which a user with that privilege can perform.
Create, publish, cancel, ignore, promote, and demote alerts and external notifications.
Acknowledge alerts and add notes to alerts.
View Historical Data
View historical data that relates to plans, arrays, data targets, data sources, and capacity data.
View Activities
View jobs.
Manage Activities
Create, view, edit, and cancel activity resources.
Export logs.
Manage External Notifications
Subscribe or unsubscribe a user for alert notifications.
Workflow Execution
Start and cancel workflow execution.
View the status of workflow execution.
View Protection Activities
View protection activities.
View protection diagnostic logs.
View Recovery Activities
View recovery activities.
View recovery diagnostic logs.
View System Activities
View system activities.
Table 2. Security and system audit privilegesSecurity and system audit privileges
Privilege
Task
View Security/System Audit
View security audit–related events and activities.
Manage Security/System Audit
Acknowledge security audit–related events and activities.
Export audit/change log of events and activities.
Table 3. Support assistance and log management privileges Support assistance and log management privileges
Privilege
Task
View Diagnostic Logs
View log bundle resources.
View log information resources.
View the log source resource.
View server related logs.
View logs.
Manage Diagnostic Logs
View and manage log bundle resources.
View and edit the log source resource.
Export server related logs.
Export logs.
Table 4. User and security management privilegesUser and security management privileges
Privilege
Task
View User Security
View users and roles.
View
identity providers and AD/LDAP groups.
View external host TLS certificates.
View allowlists.
Manage User Security
Create, view, edit, and delete users.
View roles.
Create, view, edit, and delete allowlists.
Create, view, edit, and delete external host TLS certificates.
Create, view, edit, and delete
identity providers.
Create, view, edit, and delete user groups.
Manage Multi Factor Authentication
Add and manage MFA configuration.
Enable and disable MFA for local users.
Manage Security Officer User Security
Create, view, edit, and delete users with security officer role
View Security Officer User Security
View users with security officer role
Table 5. System management privilegesSystem management privileges
Privilege
Task
View System Settings
View server disaster recovery artifacts.
View maintenance mode.
View license information.
View server disaster recovery status.
View SupportAssist information.
View node, configuration EULA, operating system user, update package, component, configuration status, configuration logs, time zone, and state resources.
View Cyber Recovery configuration.
Manage System Settings
Manage server disaster recovery activities.
Manage SupportAssist gateway connection and other telemetry communications.
View and edit node state resources.
Update license information.
View component, configuration status, configuration logs, time zone, and state resources.
View and edit node, configuration EULA, operating system user, and lockbox resources.
Create, view, edit, and delete update package resources.