Veritas Alta™ SaaS Protection Administrator's Guide
- Section I. Introduction to Veritas Alta™ SaaS Protection
- Section II. Administration portal
- Section III. Manage users and roles
- Section IV. Manage searches/eDiscovery/cases
- Section V. Configure policies
- Section VI. Perform restores
- About restore
- Prerequisites for restore
- Restore dashboard
- Restore Exchange Online mailboxes
- Restore SharePoint Online Sites and data
- Restore SharePoint/OneDrive/Teams Sites and data
- Restore Teams chats and Teams Channel conversations
- Restore Audit logs
- Restore Box data
- Restore Google Drive data
- Restore Gmail data
- Restore Salesforce data and Metadata
- Restore Entra ID objects
- Restore Slack data
- Restore data to File server
- Restore options
- Section VII. Perform data share
- Section VIII. Perform data downloading
- Section IX. Add and configure connectors
- About connectors
- About connectors
- Overview of connectors
- Configuring the capture scope
- Configuring credentials
- Apps Consent Grant Utility
- Exchange Online connector
- Adding Exchange Online connectors
- Configuring the capture scope for Exchange connectors
- Configuring the capture scope for Exchange connectors
- SharePoint Online connector
- Teams Sites collections connector
- OneDrive connector
- Teams chat connector
- Audit log connector
- Google Drive connector
- Gmail connector
- Salesforce connector
- Entra ID (Azure AD) connector
- Box connector
- Slack connector
- EML connector
- Managing connectors
- About connectors
- Section X. Perform backups
- Section XI. Backup limitations
- Section XII. Events
- Section XIII. Manage Stors (Storages)
- Section XIV. Manage Scopes
- Section XV. Manage auditing
- Section XVI. Known Issues
About permissions
Veritas Alta SaaS Protection offers the capability to implement role-based access control (RBAC) for its tenants. RBAC lets you grant users access and permissions according to their specific roles within the organization.
The following table describes the permissions in Veritas Alta SaaS Protection.
Table: User permissions
Permissions | Description |
---|---|
| |
The assigned user is authorized to access all the content within the tenant. They can use the Admin export mode in the Export Utility to retrieve all the content. | |
The assigned user is granted with all permissions except Access All Items, Add Content, and API Impersonation. To mitigate risks associated with the Full Admin account, provision this account only on-demand to prevent account sharing. | |
The assigned user can add new content to the tenant, typically the Service account. | |
The assigned user can only view data and is not permitted to make any changes. | |
The assigned user can delete the content. | |
The assigned user can restore a stubbed item by clicking on it. | |
The assigned user can download the last backed-up SharePoint file by clicking on a stubbed item. | |
The assigned End user can do the following on the End-User portal:
| |
It allows a user to sign in to the Administration portal. The following permissions are available:
| |
: The assigned user can access a wide range of general API. This permission is required for all Service accounts.
| |
The assigned user can use this permission to allow the Connector service to operate with the Blobless Archive option on a connector. It is advisable to grant and use this permission solely in a drive-shipping scenario. | |
The assigned user can use this permission to impersonate another user by the API. |