NetBackup™ Web UI Security Administrator's Guide
- Introducing the NetBackup web user interface
- Managing role-based access control
- About role-based access control (RBAC) in NetBackup
- NetBackup default RBAC roles
- Configuring RBAC
- Add a custom role
- Edit or delete a custom role
- Add an object group
- Previewing the assets, application servers, or protection plans for an object group
- Edit or delete an object group
- Add access for a user through access rules
- Edit or remove user access rules
- How can I limit role permissions to specific objects or assets?
- Security events and audit logs
- Managing host mappings and certificates
- About security management and certificates in NetBackup
- NetBackup host IDs and host ID-based certificates
- View NetBackup host information
- Approve or add mappings for a host that has multiple host names
- Reissue a certificate when a host's certificate is no longer valid
- Remove mappings for a host that has multiple host names
- Reset a host's attributes
- Managing global security settings
- Troubleshooting the web UI
How can I limit role permissions to specific objects or assets?
Security-related permissions and job permissions cannot be limited to certain hosts or assets. For example, a user that has the view or manage job permission is able to view or manage all jobs. Other permissions related to the backup administrator and permissions for the workload administrator can be limited by the object group criteria.
Table: Role permissions and how to use object groups to limit permissions
Permission | Can filter and limit object groups by |
|---|---|
Recover/Restore | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
View Recovery Points | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
Download Files | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
Instant Access | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
Restore Files | VMWare recovery points: Display name VM absolute path Cloud asset recovery points: Display name, vendor, config ID |
Manage Protection Plans | Name, description |
View Protection Plans | Name, description |
View audit logs | All logs or no logs |
Manage global security settings | All settings or no settings |
Manage Certificates | All certificates or no certificates |
Manage Jobs | All jobs or no jobs |
View Jobs | All jobs or no jobs |
Manage Appservers and Asset Groups | Protection plans that user can view: Name, description Application servers: Server name, server type |
Manage Assets | Protection plans that user can view and subscribe assets to: Name, description Application servers: Server name, server type |
View Assets | VMware: Display name, VM absolute path Cloud: Display name, vendor, config ID |
Manage Access Rules | All objects or no objects |
View Access Rules | All objects or no objects |