Skip to main content
NetApp Backup and Recovery
All cloud providers
  • Amazon Web Services
  • Google Cloud
  • Microsoft Azure
  • All cloud providers

NetApp Backup and Recovery Identity and Access Management (IAM) roles

Contributors netapp-mwallis

NetApp Backup and Recovery employs Identity and Access Management (IAM) to govern the access that each user has to specific features and actions.

The service uses the following roles that are specific to NetApp Backup and Recovery.

  • Backup and recovery super admin: Perform any actions in NetApp Backup and Recovery.

  • Backup and Recovery Backup admin: Perform backups to local snapshots, replicate to secondary storage, and back up to object storage actions in NetApp Backup and Recovery.

  • Backup and Recovery Restore admin: Restore workloads using NetApp Backup and Recovery.

  • Backup and Recovery Clone admin: Clone applications and data using NetApp Backup and Recovery.

  • Backup and recovery viewer: View information in NetApp Backup and Recovery, but not perform any actions.

For details about all NetApp Console access roles, see the Console setup and administration documentation.

Roles used for common actions

The following table indicates the actions that each NetApp Backup and Recovery role can perform for all workloads.

Feature and action Backup and recovery super admin Backup and Recovery backup admin Backup and Recovery restore admin Backup and Recovery clone admin Backup and Recovery viewer

Add, edit, or delete hosts

Yes

No

No

No

No

Install plugins

Yes

No

No

No

No

Add credentials (host, instance, vCenter)

Yes

No

No

No

No

View dashboard and all tabs

Yes

Yes

Yes

Yes

Yes

Start free trial

Yes

No

No

No

No

Initiate discovery of workloads

No

Yes

Yes

Yes

No

View license information

Yes

Yes

Yes

Yes

Yes

Activate license

Yes

No

No

No

No

View hosts

Yes

Yes

Yes

Yes

Yes

Schedules:

Activate schedules

Yes

Yes

Yes

Yes

No

Suspend schedules

Yes

Yes

Yes

Yes

No

Policies and protection:

View protection plans

Yes

Yes

Yes

Yes

Yes

Create, modify, or delete protection

Yes

Yes

No

No

No

Restore workloads

Yes

No

Yes

No

No

Create clone, split clone, or delete clone

Yes

No

No

Yes

No

Create, modify, or delete policy

Yes

Yes

No

No

No

Reports:

View reports

Yes

Yes

Yes

Yes

Yes

Create reports

Yes

Yes

Yes

Yes

No

Delete reports

Yes

No

No

No

No

Import from SnapCenter and manage host:

View imported SnapCenter data

Yes

Yes

Yes

Yes

Yes

Import data from SnapCenter

Yes

Yes

No

No

No

Manage (migrate) host

Yes

Yes

No

No

No

Configure settings:

Configure log directory

Yes

Yes

Yes

No

No

Associate or remove instance credentials

Yes

Yes

Yes

No

No

Buckets:

View buckets

Yes

Yes

Yes

Yes

Yes

Create, edit, or delete bucket

Yes

Yes

No

No

No

Roles used for workload-specific actions

The following table indicates the actions that each NetApp backup and recovery role can perform for specific workloads.

Kubernetes workloads

This table indicates the actions that each NetApp backup and recovery role can perform for actions specific to Kubernetes workloads.

Feature and action Backup and recovery super admin Backup and Recovery backup admin Backup and Recovery restore admin Backup and Recovery viewer

View clusters, namespaces, storage classes, and API resources

Yes

Yes

Yes

Yes

Add new Kubernetes clusters

Yes

Yes

No

No

Update cluster configurations

Yes

No

No

No

Remove clusters from management

Yes

No

No

No

View applications

Yes

Yes

Yes

Yes

Create and define new applications

Yes

Yes

No

No

Update application configurations

Yes

Yes

No

No

Remove applications from management

Yes

Yes

No

No

View protected resources and backup status

Yes

Yes

Yes

Yes

Create backups and protect applications with policies

Yes

Yes

No

No

Unprotect apps and delete backups

Yes

Yes

No

No

View recovery points and resource viewer results

Yes

Yes

Yes

Yes

Restore applications from recovery points

Yes

No

Yes

No

View Kubernetes backup policies

Yes

Yes

Yes

Yes

Create Kubernetes backup policies

Yes

Yes

Yes

No

Update backup policies

Yes

Yes

Yes

No

Delete backup policies

Yes

Yes

Yes

No

View execution hooks and hook sources

Yes

Yes

Yes

Yes

Create execution hooks and hook sources

Yes

Yes

Yes

No

Update execution hooks and hook sources

Yes

Yes

Yes

No

Delete execution hooks and hook sources

Yes

Yes

Yes

No

View execution hook templates

Yes

Yes

Yes

Yes

Create execution hook templates

Yes

Yes

Yes

No

Update execution hook templates

Yes

Yes

Yes

No

Delete execution hook templates

Yes

Yes

Yes

No

View workload summary and analytics dashboards

Yes

Yes

Yes

Yes

View StorageGRID buckets and storage targets

Yes

Yes

Yes

Yes