Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note

In the Roles and Permissions screen in AMP, you may see permissions that only apply to Armor Anywhere users. Your roles will not malfunction if you happen to include an Armor Anywhere permission to your role.

Note

The following tables lists permissions that apply to Armor Complete users.


...

Permissions for virtual machines and workloads

...


Permissions for Armor Marketplace

Screen / FeatureActionsPermissionsAdditional information
Armor Marketplace
  • View available add-on products
  • View subscription-based add-on products
  • Add and cancel products
  • Read Product Catalog
  • View Subscriptions
  • Write Subscriptions
Note

To learn more about the Armor Marketplace screen, see Armor Marketplace.



Permissions for the Health Dashboards

Screen / FeatureActionsPermissionsAdditional information
  • Health Overview (landing screen)
    • Protection
    • Detection
    • Response
    • Security Incidents
  • View the data that populates the security dashboards
  • Read Dashboard Statistics



Permissions for security screans

Screen / FeatureActionsPermissionsAdditional information
  • Security screens
    • Malware Protection
    • File Integrity Monitoring (FIM)
    • Patching
  • View the data that populates the security-focused screens
  • Read AVAM
  • Read FIM
  • Read OS Packages

...

hiddentrue

Security screen permissions

...

Security Dashboard (AMP landing page)

...

Malware Protection

...

FIM

...

Patching

...

Log Management

...

Read LogManagement

...

This permission allows you to view high-level information for log collection for each virtual machine, such as:

  • Date logs were last received
  • Average size of collected logs
  • Log Status

...

Log Management

...

Write LogManagement

...

Firewall

...

Read Firewall

...

This permission allows you to view details for firewall rules for each virtual machine.

...

Write Firewall

...

Marketplace screen permissions

...

Marketplace

...

Read Product Catalog

...

This permission allows you to view available add-on products.

You must have this permission enabled in your account in order to view purchased services and also to order new services in AMP.

...

This permission allows you to view the Armor Marketplace, as well as add and cancel subscription-based add-on products.

Specifically, you can add the subscription in the Armor Marketplace, and then cancel the subscription in the My Products screen of the User Details screen.

Infrastructure screen permissions

...

Workloads

...

Read Workload(s)

...

This permission allows you to view high-level data for workloads, such as

  • the associated data center
  • the number of tiers within the workload
  • the number of virtual machines within the workload

...

Virtual machines / VM Details

...

Read Virtual Machine Stats

...

This permission allows you to view usage data for a virtual data. This data is displayed in a line graph.

...

Virtual Machines / VM Detail

...

This permission allows you to view data for a virtual machine, such as

  • Operating system
  • Size
  • Corresponding workload
  • Status

...

Virtual Machines / VM Detail

...

Virtual Machines / VM Detail

...

This permission allows you to view high-level data for the server replication (disaster recovery) add-on product. Specifically, this permission allows you to view:

  • The status of the add-on product (configuring, enabled, disabled)
  • The location of the primary data center
  • The location of the failover data center
  • The status of the replication

...

Virtual Machines / VM Detail

...

Virtual Machines / VM Detail

...

Read Tasks

...

Virtual Machines / VM Detail

...

Virtual Machines / VM Detail

...

IP Addresses

...

Read Network IP

...

This permission allows you to view data for unassigned and assigned public and private IP addresses

...

This permission allows you to update an IP address, such as:

  • Assign an IP addresses
  • Unassign an IP addresses
  • Delete IP address
  • Request a new public IP address

...

L2L VPN

...

Read Network L2L

...

This permission allows you to view high-level data for your L2L network tunnels.

...

SSL/VPN

...

Read SSL VPN Devices and Users

...

This permission allows you to view the status of your users' SSL VPN client.

...

hiddentrue


...




Read Advanced Backup Plans This permission allows you to subscribe to the Advance Backup add-on product.

Read IDS

Commit Advanced Backup Restore - This permission allows you to commit a snapshot after the restore has completed.

Create Advanced Backup Policy - This permission allows you to create a new policy.

Read Advanced Backup - This permission allows you to view the Advanced Backup dashboard (screen).

Read Advanced Backup Policy - This permission allows you to view policy information and associated details.

Read Advanced Backup Snapshots - This permission allows you to view a list of snapshots (backups) for a virtual machine.

Read Advanced Backup Vms - This permission allows you to view the virtual machines subscribed to the add-on product.

Refreshed Advanced Backup Snapshots - This permission allows you to refresh the current list of available snapshots/backups for a virtual machine.

Remove Advanced Backup - This permissoins allows you to unsubscribe a virtual machine

Request Advanced Backup Restore - This permission allows you to initiate a restore of the snapshot (backup).

Update Advanced Backup Policy - This permission allows you to update settings on a policy.

Write Advanced Backup - This permission allows you to create a policy.

Read Advanced Backup Plans = Needed to subscribe to the service (I’m not 100% sure we’re actually using this, but let’s go ahead and document just in case).

Read Advanced Backup Policy = View Policy information and associated details.

Read Advanced Backup VMs = View VMs subscribed to the service.

Remove Advanced Backup = Unsubscribe VMs from the service.

Create Advanced Backup Policy = Create a new policy.

Read Advanced Backup Snapshots = View a list of snapshots/backups for a given VM.

Refresh Advanced Backup Snapshots = Refresh the current list of available snapshots/backups for a given VM.

Commit Advanced Backup Restore = Commit to a snapshot after the restore has completed.

Read Advanced Backup = Needed to view the Advanced Backup dashboard.

Write Advanced Backup = Needed to subscribe to the service.

Update Advanced Backup Policy = Edit settings on a Policy.

Request Advanced Backup Restore = Initiate a restore to a snapshot/backup. (this would be followed by the commit action, assuming the restore is successful and the customer is happy with that restore point)

Compliance screen permissions

...

Compliance

...

Read Compliance

...

This permission allows you to view information for the vulnerability scanning add-on product information. Specifically, you will see the status of the add-on product.

...

Support screen permissions

...

Tickets + Notification

...

Read Ticket(s)

...

This permission allows you to view previous and current support tickets.

...

Account screen permissions

...

Read Identity

...

This permission allows you to view the account-level information, such as

  • Account overview
  • Armor contacts
  • User profiles
  • Roles and permissions

...

This permission allows you to update account-level information, such as:

  • Invite and remove users
  • Create, update, and remove roles
  • Assign and unassign roles to users
  • Unlock a user after several failed login attempts

...

Update Customer Passwords

...

This permission allows you to update your password

...

This permission allows you to update your personal account information, such as your:

  • Password
  • Challenge Phrase
  • Challenge Response

...

This permission allows you to view the notification preferences for your users, such as a user's preference to receive an email regarding technical updates.

...

Invoices

...

Payment Methods

...

Read Payment Information

...

This permission allows you to view current payment information, such as the primary payment method.

...

Payment Methods

...

This permission allows you to view optional notes and tags that have been added to various AMP resources, such as a note added to a virtual machine.

...