Protect roles and permissions

Global roles

The following table describes the global roles specific to Protect.

Global role Description
Protect Reader View data protection standards and data access rules with read-only access.
Protect Author
  • Create standards and rules.
  • Edit or delete only the standards and rules the user created.
  • View imported policies and groups.
  • Generate audit logs as an individual contributor.
Protect Admin
  • Create standards and rules.
  • Edit or delete all standards and rules.
  • View imported policies and groups.
  • Generate audit logs as an individual contributor.
  • Access Protect APIs.

Note The Protect Manager global role is intended only for the Protect system user.

Global permissions

Global roles are effective only when appropriate permissions are assigned to them. The following table describes the global permissions specific to Protect.

Global permission Description

Product Rights > Protect

Access Protect.

Tip All Protect global roles and the Edge Site global role have this permission.
Protect > Edit
  • Create standards and rules.
  • Edit only the standards and rules the user created.
  • Delete only the standards and rules the user created.
  • Start a full synchronization.
Protect > Administration