Protect permissions

This topic describes all the global roles and global permissions that are specific to Protect.

Global roles

The following table describes the global roles that are specific to Protect.

Global role Description
Protect Reader View data protection standards and data access rules with read-only access.
Protect Author
  • Create standards and rules.
  • Edit or delete only the standards and rules the user created.
  • View imported policies and groups.
  • Generate audit logs as an individual contributor.
Protect Admin
  • Create standards and rules.
  • Edit or delete all standards and rules.
  • View imported policies and groups.
  • Generate audit logs as an individual contributor.
  • Access Protect APIs.

Note The Protect Manager global role is intended only for the Protect system user.

Global permissions

Global roles are effective only when appropriate global permissions are assigned to them. The following table describes the global permissions that are specific to Protect.

Global permission Description

Product Rights > Protect

Access Protect.

All Protect global roles and the Edge site global role have this permission.

Protect > Edit
  • Create standards and rules.
  • Edit only the standards and rules the user created.
  • Delete only the standards and rules the user created.
  • Start a full synchronization.
Protect > Administration