Protect global roles and permissions
The following tables describe the global roles and global permissions that are specific to Protect.
| Global role | Description |
|---|---|
| Protect Reader | A user who can view Protect with read-only access to data protection standards and data access rules. |
| Protect Author |
A user who can create data protection standards and data access rules; modify or delete only the standards and rules that they created; view imported policies; view groups; and generate audit logs as an individual contributor. |
| Protect Admin |
A user who has the same permissions as a Protect Author. In addition, this user can modify or delete all data access rules and data protection standards, and access additional APIs. |
| Protect Manager |
A user who manages background processes and configures Protect.This role is intended only for the Protect system user. |
| Global permission | Description |
|---|---|
| Protect > Edit | Allows a user to create data protection standards and data access rules; modify only the standards and rules that they created; and delete only the standards and rules that they created. |
| Protect > Administration | Allows a user to create data protection standards and data access rules; modify all standards and rules; and delete all standards and rules. |