Skip to main content
Version: 2.7

Role privileges matrix

The tables in this topic detail out the privileges associated with different built-in roles of Portworx Backup Security:

  • Infrastructure administrator (px-backup-infra.admin)
  • Applications administrator (px-backup-app.admin)
  • Applications user (px-backup-app.user)

RBAC and non-RBAC Portworx Backup resources

  1. The RBAC (Role-Based Access Control) resources listed here are directly associated with user roles and permissions within Portworx Backup, determining the access and management rights of users based on their assigned roles:

    • Backup locations
    • Cloud accounts
    • Schedule policies
    • Rules
    • Roles
    • Users and User Groups
  2. Non-RBAC resources are not dependent on RBAC and are accessible regardless of the user role. The following list outlines such resources:

    • Clusters
    • Namespaces
    • Virtual machines
    • Backups
    • Restores
note
  1. Infrastructure administrators, application administrator and application users can only view, edit, and delete the RBAC resources owned by them.
  2. Owners of Portworx Backup RBAC resources can share their resources with the intended users and groups regardless of the role of the users or groups.
  3. Portworx Backup roles can only view the unowned RBAC resources shared with them by other roles.

Privileges of the infrastructure administrator

The infrastructure administrator permissions to access the Portworx Backup resources are:

Portworx Backup resourcesCreateViewEditDelete
Cloud AccountsYYYY
Backup LocationsYYYY
Schedule PoliciesYYYY
RulesYYYY
RolesYYYY
Users and User GroupsNYYN

Privileges of the applications administrator

The applications administrator permissions to access the Portworx Backup resources are:

Portworx Backup resourcesCreateViewEditDelete
Cloud AccountsNYNN
Backup LocationsYYYY
Schedule PoliciesYYYY
RulesYYYY
RolesNYNN
Users and User GroupsNNNN

Privileges of the applications user

The applications user permissions to access the Portworx Backup resources are:

Portworx Backup resourcesCreateView shared resourcesEditDelete
Cloud AccountsNYNN
Backup LocationsNYNN
Schedule PoliciesNYNN
RulesNYNN
RolesNYNN
Users and User GroupsNNNN