Protect roles and permissions

Global roles

The following table describes the global roles specific to Protect.

Global role Description
Protect Reader View Protect with read-only access to data protection standards and data access rules.
Protect Author
  • Create standards and rules.
  • Edit or delete only the standards and rules that they created.
  • View imported policies.
  • View groups.
  • Generate audit logs as an individual contributor.
Protect Admin
  • Create standards and rules.
  • Edit or delete any standards and rules, including those created by others.
  • View imported policies.
  • View groups.
  • Generate audit logs as an individual contributor.
  • Access additional APIs.

Note The Protect Manager global role is intended only for the Protect system user.

Global permissions

The following table describes the global permissions specific to Protect.

Global permission Description

Product Rights > Protect

Access Protect.

Tip All Protect global roles and the Edge Site global role have this permission.
Protect > Edit
  • Create standards and rules.
  • Edit only the standards and rules that they created.
  • Delete only the standards and rules that they created.
Protect > Administration
  • Create standards and rules.
  • Edit all standards and rules.
  • Delete all standards and rules.