We've transitioned to a new documentation portal to serve you better. Access the latest content by clicking here.
This topic contains the following sections:
Role Based Access Control (RBAC) enables organizations to limit privileged user access to a predefined set of administrator roles and data assets to create ethical walls and enforce privacy and control. RBAC also enables the implementation of a delegated administration structure to meet customers’ organizational, compliance, and security requirements. Thus, organizations can achieve their goals efficiently with a seamless, granular, extensible administrator role management of their entities.
Druva provides a set of predefined administrator roles for creating administrators to manage the Management Console. Druva also provides a flexibility to the cloud administrators to create custom administrator roles using the existing base roles. The predefined and custom administrator roles enable administrators to access and manage entities efficiently on the Management Console.
A role defines a set of tasks that administrators perform based on the rights assigned to them. Each role contains a set of rights, and each right contains a set of granular permissions that enable administrators to perform the tasks. The Roles tab on the Administrators page lists the predefined roles and custom roles created on the Management Console. Roles are assigned to the administrators at the time of their creation.
The following table depicts the relationship between the predefined, base, and custom roles that Druva offers:
By default, Druva defines the combinations of rights for the predefined administrator roles. The administrators cannot edit the rights of such predefined role assignments. The predefined roles are listed on the Roles tab.
By default, Druva provides the following seven predefined roles on the Roles tab:
Note: Administrators cannot delete any of the predefined roles.
The following table lists the predefined administrator roles that Druva provide:
Predefined administrator role | Description |
Cloud administrator |
With this role, the administrators manage the activities of all the organizations. The role is associated with the following rights:
For more details, see Role rights. |
Cloud administrator (View-only) |
With this role, the administrators have read-only access to all configurations within the organizations. They cannot perform any administration action on any entities of the Management Console. However, they can change their own profile-related settings, such as the name and time zone, and can view, download, and send reports and audit trails. |
Organization administrator |
With this role, the administrators manage the activities of one or more organizations assigned to them. The role is associated with the following rights:
For more details, see Role rights. |
Organization administrator (View-only) |
With this role, The administrators have read-only access to all configurations within the organization(s) they have access to. They cannot perform any administration action on the entities on the Management Console. However, they can change their own profile-related settings, such as name and time zone, and can view, download, and send reports. |
Group administrator |
With this role, the administrators manage the activities of one or more administrative groups that they are associated with. The role is associated with the following rights:
For more details, see Role rights. |
Group administrator (View-only) |
With this role, the administrators have read-only access to the administrative groups that they are associated with. However, they cannot manage any administrative group. They can also view, download, and send reports. |
Data Protection Officer (DPO) |
The DPO role is associated with the following rights:
However, a DPO cannot access any configurations, create administrators, register servers and virtual machines, set up policies, or manage CloudCache. |
Druva also provides the flexibility to the cloud administrators to create custom administrator roles and assign selective access rights to the role based on the organization’s needs. The custom administrator roles are derived from the three base roles, such as the cloud administrator role, the organization administrator role, and the group administrator role. The custom roles impart distinct capabilities to the administrators to help them to manage entities on the Management Console. For example, you can create a custom cloud administrator role to back up and restore devices, and delete recovery points. You can create another custom cloud administrator role only to restore devices.
Only cloud and organization administrators can create administrators with custom administrator roles. An organization administrator can only create group administrators and group-derived administrators. For information about how you can create a custom administrator role, see Create custom administrator roles.
Note: You can delete a custom administrator role if no administrator is associated with the role on the Management Console.
Before you create roles, review the following considerations:
The administrators who have the rights to restore virtual machines can perform all actions related to the Instant Restore.
The administrators with the custom administrator roles with Restore to Original and Restore to Alternate rights can perform Instant Restore of virtual machines.
Migrate to production is governed based on whether the Instant Restore is on an original or alternate location. If you want to migrate the instantly restored VM to an alternate location, make sure you meet the prerequisites for vMotion before migrating to production because the virtual machines are migrated by using vMotion.
Migrate to production job for a VM cannot reuse the staging datastore used for the instant restore job of that VM. If you want to migrate a virtual machine to production, ensure you have another datastore on the same or different ESXi host, depending on whether you are migrating to the same or alternate host.
The administrators with the custom administrator roles for whom the delete rights are disabled will not be able to delete instantly restored virtual machines.
The administrators with the custom administrator roles for whom the restore rights are disabled will not be able to perform instant restore or migration of instantly restored virtual machines to production. However, they can delete instantly restored virtual machines.
Rights are the permissions that define the capabilities of an administrator role. An administrator role is created by assigning a combination of rights to the role. For example, the cloud administrator role is characterized by the combination of the following rights:
You can create custom roles for administrators using the combination of the rights. Druva provides a set of customizable and non-customizable rights. By default, the non-customizable rights are granted to the administrator role and you cannot detach these rights from the role. However, you can clear the check boxes corresponding to the customizable rights assigned to the role to limit the capability of the role.
Druva provides the following access-control rights to manage the entities on the Management Console.
Rights | Description | Customizable/Non-customizable Right |
Backup and restore management | ||
Configure backup |
Permission to create and edit the backup sets of the File server, MS-SQL server, backup store, and NAS share. It enables to attach a new backup set or detach an existing backup set from the CloudCache. It also enables to configure and reconfigure the VMwareand HyperV workloads. |
Customizable |
Perform backup |
Permission to enable and disable the backups, and trigger backups for the workloads. |
Customizable |
Manage restore | ||
Restore to original |
Permission to restore virtual machines, files and folders, databases, and NAS shares to the original location. |
Customizable |
Restore to alternate | Permission to restore virtual machines, files and folders, databases, and NAS shares to an alternate location | Customizable |
Delete recovery points |
Permission to delete recovery points of servers, databases, and virtual machines. |
Customizable |
Server Management | ||
Delete Devices |
Permission to delete backup sets, proxies, servers, backup stores, virtual machines, ESXi servers, HyperV hosts, and NAS devices. |
Customizable |
Update client or proxy |
Permission to upgrade the Hybrid Workloads agents, backup proxies, and backup stores on the servers, virtual machines, and databases. |
Non-customizable |
Register and Re-register server or proxy |
Permission to register or re-register a server. If the right is disabled, the Administrator will not be able to generate the activation token. Also, the Manage > Activation Token page will not be accessible. |
Customizable |
Change administrative group of server |
Permission to change the administrative group associated with a server or a backup store. |
Non-customizable |
Admin management | ||
Create, modify, or delete administrative groups |
Permission to create, edit, and delete the administrative groups associated with the servers, virtual machines, and backup stores. |
Non-customizable |
Create, modify, or delete organizations |
Permission to create, modify, and delete the organizations associated with the servers, virtual machines, and backup stores. |
Non-customizable |
Cache management | ||
Manage Cloudcache servers |
Permission to configure and upgrade the CloudCache, view the configuration and log files, and decommission the CloudCache. |
Non-customizable |
Reporting and alert management | ||
View reports and alerts
|
Permission to view and download various Druva reports and view the alerts generated on the Management Console. |
Customizable |
Manage email schedules and subscriptions |
You must have the View reports and alerts permission to enable this permission. Permission to subscribe to the admin and non-admin users to emails related to reports and alerts. Permission to update the email schedule. |
Customizable |
Policy management | ||
Create, edit, or delete backup policy and retention policy |
Permission to create, edit, and delete the backup and retention policy for the servers and virtual machines. |
Non-customizable |
Create, edit, or delete content rule |
Permission to create, edit, and delete the content rule of the servers and virtual machines. |
Non-customizable |
Disaster recovery management | ||
Add AWS account |
Permission to create AWS account to maintain the AMI for the virtual machine. |
Non-customizable |
Delete AWS Proxies |
Permission to delete AWS Proxies. |
Customizable |
Create, edit, or delete disaster recovery plan |
Permission to create, edit, or delete the disaster recovery plan to recover the virtual machine in the AWS account in the event of a disaster. |
Non-customizable |
Perform DR failover |
Permission to failover virtual machines and perform disaster recovery. |
Non-customizable |
Only a cloud administrator can create the cloud and the other administrator roles using the global Administrators menu on the Management Console.
Procedure
Note: When you create a custom role using a base role, the default role has all the associated rights enabled for that role. You can clear the check boxes corresponding to the rights assigned to the role to remove a few granted rights. For example, when you create a custom cloud administrator role with no privilege to delete any recovery points, the created default custom role has all the rights from the base cloud administrator role. You can clear the Delete Recovery point check box to limit the right to delete the recovery points.
Only the cloud administrator can delete the custom administrator roles on the Management Console. Before deleting a role, ensure that the role is not assigned to an administrator.
Note: You cannot delete the predefined roles that Druva provides.
Procedure
The role details page provides details of the Druva predefined and custom administrator roles.
Procedure
Note: The Organizations column is displayed only if organization is enabled.
When you edit the rights assigned to a custom administrator role, you may want to update the corresponding description of the role. Using the Edit button on the role details page, you can update the description of the custom administrator role.
Procedure
The Roles tab now displays the edited description of the role.
You can change the combination of rights assigned to a custom administrator role by using the role details page. The changed rights for the administrator’s role apply from your next login to the Management Console.
Note: You can edit rights assigned only to a custom administrator role.
Procedure
The Rights section on the role details page now lists the new combination of rights selected for the custom role.