Managing roles

A role determines the scope of actions that can be performed in the HYCU for Google Cloud data protection environment by a specific user or service account. This means that access to data and information within the data protection environment is limited based on the assigned role. As an administrator, you can manage these roles and define what actions can be performed by each authority.

Considerations

  • Each user that signs in to HYCU for Google Cloud or each configured service account has by default the Administrator role assigned unless set otherwise. For details on changing the default role, see “Changing the default role”.
  • At least one user with the Administrator role assigned must exist in the data protection environment.
  • If multiple protection sets are available in your data protection environment, a user or a service account has the same role in all protection sets within the same subscription.
  • If a user or a service account has access to multiple subscriptions, they can have different roles assigned in different subscriptions. The user can also switch among these subscriptions while being signed in to HYCU for Google Cloud.

To access the Roles dialog box, click  Administration in the toolbar, and then select Roles.

HYCU for Google Cloud roles

A user or a service account can be assigned one or more of the following roles:

Role Allowed actions
Viewer Acquire information about instances, applications, buckets, policies, targets, tasks, events, reports, service accounts, and protection sets in the data protection environment.
Backup Operator

Acquire the same information as Viewer, define backup strategies, and back up instances, applications, and buckets.
Restore Operator

Acquire the same information as Viewer and restore instances, applications, and buckets.
Protégé Operator Reserved for service accounts. Migrate protected data from the on-premises environment to Google Cloud and the other way round by using the HYCU SpinUp functionality. For details on how to employ HYCU Protégé, see HYCU documentation.
Administrator Perform all actions in the data protection environment.

Changing a role

Consideration

If you plan to change your own role, keep in mind that you will not be able to change it back to Administrator yourself.

Procedure

  1. In the Roles dialog box, from the list of available authorities (users and service accounts), select the one to which you want to assign a different role.

    t Tip  You can also search for an authority by entering its name in the Search field.

  2. Click  Change Role. The Role Change dialog box opens.

  3. From the Role drop-down menu, select the role that you want to assign to the user or the service account.

    n Note  You can assign multiple roles to the same user or service account if the needs of your data protection environment require it.

Changing the default role

You can at any time change the default role for users and service accounts. This means that all new users that sign in to HYCU for Google Cloud and all newly configured service accounts will automatically acquire the new default role.

Procedure

  1. Click  Change Role next to Default Role at the upper right of the Roles dialog box. The Default Role Change dialog box opens.
  2. From the Role drop-down menu, select which role you want to be the default one.
  3. Click Save.

Deleting a user

Considerations

  • Deleting a user from HYCU for Google Cloud does not remove it from Google Cloud.

  • You cannot delete the billing account viewer or yourself from HYCU for Google Cloud.

  • Any upcoming data protection tasks related to the user that you delete will be automatically assigned to you.

Procedure

  1. In the Roles dialog box, from the list of available users, select the one that you want to delete.

    t Tip  You can also search for a user by entering their name in the Search field.

  2. Click  Remove. The Remove dialog box opens.

  3. Click Yes to confirm that you want the selected user to be deleted from HYCU for Google Cloud.