Skip to main content
Skip table of contents

Review All Permissions

In the Armor Management Portal (AMP), permissions allow you to control the way your users access their AMP account.

There are many shared permissions between Armor's private cloud and Armor Anywhere. As a result, this document applies to both Armor's private cloud and Armor Anywhere users.

Review the Product compatibility column for product-specific permissions.

In the Roles and Permissions screen, you may see permissions that only apply to Armor's private cloud or Armor Anywhere users. Your roles will not malfunction if you include a permission for a different product into your role.

Security Permissions

Screen

Permission

Description

Product compatibility

Security Health Dashboards

  • Health Overview (landing screen)

  • Protection

  • Detection

  • Response

  • Security Incidents

Read Dashboard Statistics

This permission allows you to view the data that populates the security dashboards.

  • Armor's private cloud

  • Armor Anywhere

Malware Protection

Read AVAM

This permission allows you to view antivirus and anti-malware (malware protection) details for each virtual machine.

  • Armor's private cloud

  • Armor Anywhere

Malware Protection

Read Trend Manual Scan

This permission allows you to view which virtual machines are eligible for a manual scan.

  • Armor's private cloud

  • Armor Anywhere

Malware Protection

Writer Trend Manual Scan

This permission allows you to start a manual scan for a virtual machine.

  • Armor's private cloud

  • Armor Anywhere

FIM

Read FIM

This permission allows you to view file integrity details for each virtual machine.

  • Armor's private cloud

  • Armor Anywhere

Patching

Read OS Packages

This permission allows you to view details OS patching details for each virtual machine.

  • Armor's private cloud

  • Armor Anywhere

Intrusion Detection

Read IDS

This permission allows you to view intrusion detection data.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Read LogManagement

This permission allows you to view high-level information for log collection for each virtual machine, such as:

  • Date logs were last received

  • Average size of collected logs

  • Log Status

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Write LogManagement

This permission allows you to update the log management service, specifically the permission to upgrade the log retention plan.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Read Log Management Plan Selection

This permission allows you to view additional log retention plans.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Write Log Management Plan Selection

This permission allows you to change log retention plans.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Delete Log Management

This permission allows you to delete a log source.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Read Log Endpoints

This permission allows you to view an endpoint.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Write Log Endpoints

This permission allows you to create an endpoint.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Delete Log Endpoints

This permission allows you to delete an endpoint.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Read Log Relays

This permission allows you to view a remote log source.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Write Log Relays

This permission allows you to create a remote log source.

  • Armor's private cloud

  • Armor Anywhere

Log & Data Management

Delete Log Relays

This permission allows you to delete a remote log source.

  • Armor's private cloud

  • Armor Anywhere

Vulnerability Scanning

Read Compliance

This permission allows you to view information for the vulnerability scanning add-on product information. Specifically, you will see the status of the add-on product.

  • Armor's private cloud

Vulnerability Scanning

Write Compliance

This permission allows you to upgrade, downgrade, or delete the vulnerability scanning add-on product.

  • Armor's private cloud

Vulnerability Scanning

View Vulnerability Scans

This permission allows you to view the data for a vulnerability scanning report, via a downloaded report or within AMP.

  • Armor Anywhere

Dynamic Threat Blocking

Read Dynamic Threat Blocking Rule(s)

This permission allows you to view IP rules that have been created.

  • Armor's private cloud

  • Armor Anywhere

Dynamic Threat Blocking

Write Dynamic Threat Blocking Rule(s)

This permission allows you to create and delete an IP rule (whitelist or blacklist).

  • Armor's private cloud

  • Armor Anywhere

Dynamic Threat Blocking

Write Dynamic Threat Blocking Rule Never Expire IP

This permission allows you to create an IP rule (whitelist or blacklist) without an expiration date.

  • Armor's private cloud

  • Armor Anywhere

Dynamic Threat Blocking

Read Dynamic Threat Blocking(s)

This permission allows you to perform an IP lookup. Additionally, this permission allows you to view other IP lookups that have taken place in your account.

  • Armor's private cloud

  • Armor Anywhere

Firewall

Read Firewall

This permission allows you to view details for firewall rules for each virtual machine.

  • Armor's private cloud

Firewall

Write Firewall

This permission allows you to add, update, or delete firewall rules.

  • Armor's private cloud

Security Incidents

Read Dashboard Statistics

This permission allows you to view the data that populates the security dashboards, which includes open or pending security incidents.

  • Armor's private cloud

  • Armor Anywhere


Marketplace Permissions

Screen

Permission

Description

Product compatibility

Marketplace

Read Product Catalog

This permission allows you to view available add-on products.

You must have this permission enabled in your account in order to view purchased services and also to order new services in AMP.

  • Armor's private cloud

Marketplace and My Products

View Subscriptions

This permission allows you to view subscription-based add-on products in the My Products screen of the User Details screen.

  • Armor's private cloud

Marketplace (and My Products)

Write Subscriptions

This permission allows you to view the Armor Marketplace, as well as add and cancel subscription-based add-on products.

Specifically, you can add the subscription in the Armor Marketplace, and then cancel the subscription in the My Products screen of the User Details screen.

  • Armor's private cloud


Infrastructure Permissions

Screen

Permission

Description

Product compatibility

Workloads

Read Workload(s)

This permission allows you to view high-level data for workloads, such as

  • the associated data center

  • the number of tiers within the workload

  • the number of virtual machines within the workload

  • Armor's private cloud

Workloads

Write Workload

This permission allows you to create, update, and remove workloads and tiers.

  • Armor's private cloud

Virtual Machines

Read Virtual Machine Stats

This permission allows you to view usage data for a virtual data. This data is displayed in a line graph.

  • Armor's private cloud

Virtual Machines

Read Virtual Machine(s)

This permission allows you to view data for a virtual machine, such as

  • Operating system

  • Size

  • Corresponding workload

  • Status

  • Armor's private cloud

Virtual Machines

Write Virtual Machine

This permission allows you to update and remove virtual machines.

  • Armor's private cloud

  • Armor Anywhere

Virtual Machines

Read Orders

This permission allows you to view data related to your virtual machine purchase.

  • Armor's private cloud

Virtual Machines

Write Orders

This permission allows you to purchase a virtual machine.

  • Armor's private cloud

Virtual Machines

Scale Virtual Machine

This permission allows you upgrade or downgrade (resize) the size of a virtual machine.

  • Armor's private cloud

Virtual Machines

Read Location(s)

This permission allows you to view a list of available Armor data centers when you manage your virtual machines.

  • Armor's private cloud

Virtual Machines

Read Virtual Data Centers

This permission allows you to view the list of virtual environments in your account.

  • Armor's private cloud

Virtual Machines

Read Server Replication

This permission allows you to view high-level data for the server replication (disaster recovery) add-on product. Specifically, this permission allows you to view:

  • The status of the add-on product (configuring, enabled, disabled)

  • The location of the primary data center

  • The location of the failover data center

  • The status of the replication

  • Armor's private cloud

Virtual Machines

Write Server Replication

This permission allows you to order and cancel the server replication add-on product.

  • Armor's private cloud

Virtual Machines

Read Tasks

This permission allows you to view pending tasks, such as a scheduled delete or downsize of a virtual machine.

  • Armor's private cloud

Virtual Machines

Write Tasks

This permission allows you to schedule a delete or downsize of a virtual machine.

  • Armor's private cloud

Virtual Machines

Read Storage

This permission allows you to view disk and storage information for a virtual machine.

  • Armor's private cloud

Virtual Machines

View Core License

This permission allows you to view the core license, which is necessary to download and install the Anywhere agent.

  • Armor Anywhere

Virtual Machines

Read Utilization

This permission allows you to export the usage for your virtual machine.

  • Armor Anywhere

IP Addresses

Read Network IP

This permission allows you to view data for unassigned and assigned public and private IP addresses

  • Armor's private cloud

IP Addresses

Write Network IP

This permission allows you to update an IP address, such as:

  • Assign an IP addresses

  • Unassign an IP addresses

  • Delete IP address

  • Request a new public IP address

  • Armor's private cloud

IP Addresses

Read Network NAT

This permission allows you to view DNAT assignments.

  • Armor's private cloud

IP Addresses

Write Network NAT

This permission allows you to add and remove DNAT assignments.

  • Armor's private cloud

L2L VPN

Read Network L2L

This permission allows you to view high-level data for your L2L network tunnels.

  • Armor's private cloud

L2L VPN

Write Network L2L

This permission allows you to add, update, and remove L2L tunnels.

  • Armor's private cloud

SSL/VPN

Read SSL VPN Devices and Users

This permission allows you to view the status of your users' SSL VPN client.

  • Armor's private cloud

SSL/VPN

Write SSL VPN Devices and User

This permission allows you to enable your users the ability to download and install the SSL VPN client.

  • Armor's private cloud

Advanced Backup

Commit Advanced Backup Restore

This permission allows you to commit a snapshot after the restoration is complete.

  • Armor's private cloud

Advanced Backup

Create Advanced Backup Policy

This permission allows you to create a new policy.

  • Armor's private cloud

Advanced Backup

Read Advanced Backup

This permission allows you to view the Advanced Backup screen.

  • Armor's private cloud

Advanced Backup

Read Advanced Backup Policy

This permission allows you to view policy information and details.

  • Armor's private cloud

Advanced Backup

Read Advanced Backup Snapshots

This permission allows you to view a list of snapshots (backups) for a virtual machine.

  • Armor's private cloud

Advanced Backup

Read Advanced Backup Vms

This permission allows you to view the virtual machines that are subscribed to Advanced Backup.

  • Armor's private cloud

Advanced Backup

Refreshed Advanced Backup Snapshots

This permission allows you to refresh the current list of available snapshots (backups) for a virtual machine.

  • Armor's private cloud

Advanced Backup

Remove Advanced Backup

This permission allows you to remove Advanced Backup from a virtual machine.

  • Armor's private cloud

Advanced Backup

Request Advanced Backup Restore

This permission allows you to initiate a restoration of a snapshot (backup).

  • Armor's private cloud

Advanced Backup

Update Advanced Backup Policy

This permission allows you to update the configurations of a policy.

  • Armor's private cloud

Advanced Backup

Write Advanced Backup

This permission allows you to create a policy.

  • Armor's private cloud

Advanced Backup

Read Advanced Backup Plans

This permission allows you to view a list of policies.

  • Armor's private cloud


Support Permissions

Screen

Permission

Description

Product compatibility

Tickets


Read Ticket(s)

This permission allows you to view support tickets listed in the View Archived Tickets section.

  • Armor's private cloud

  • Armor Anywhere

Tickets

Write Ticket(s)

This permission allows you to create, edit, respond, and share a ticket.

  • Armor's private cloud

  • Armor Anywhere

Tickets

Read Ticket Group(s)

This permission allows you to view and follow a support ticket, as well as access the Organization features of the ticket.

  • Armor's private cloud

  • Armor Anywhere

Tickets

Write Ticket Group(s)

This permission allows you to create and follow a support ticket, as well as access the Organization features of the ticket.

  • Armor's private cloud

  • Armor Anywhere


Account Permissions

Screen

Permission

Description

Product compatibility

Overview (Account screen)

Read Identity

This permission allows you to view the account-level information, such as

  • Account overview

  • Armor contacts

  • User profiles

  • Roles and permissions

  • Armor's private cloud

  • Armor Anywhere

Overview (Account screen)

Write Identity

This permission allows you to update account-level information, such as:

  • Invite and remove users

  • Create, update, and remove roles

  • Assign and unassign roles to users

  • Unlock a user after several failed login attempts

  • Armor's private cloud

  • Armor Anywhere

Overview (Account screen)

Write Account

This permission allows you to update your company profile, such as the address.

  • Armor's private cloud

  • Armor Anywhere

User Detail

Update Personal Identity

This permission allows you to update your personal account information, such as your:

  • Password

  • Challenge Phrase

  • Challenge Response

  • Armor's private cloud

  • Armor Anywhere

Cloud Connections

Read Cloud Connections

This permission allows you to view public cloud accounts that have been synced with AMP.

  • Armor Anywhere

Cloud Connections

Write Cloud Connections

This permission allows you to add a new public cloud account to sync with AMP.

  • Armor Anywhere

User Detail

Read Notification(s)

This permission allows you to view the notification preferences for your users, such as a user's preference to receive an email regarding technical updates.

  • Armor's private cloud

  • Armor Anywhere

Invoices + Payments

View Invoices

This permission allows you to view current and previous invoices.

  • Armor's private cloud

  • Armor Anywhere

Payment Methods

Read Payment Information

This permission allows you to view current payment information, such as the primary payment method.

  • Armor's private cloud

  • Armor Anywhere

Payment Methods

Update Payment Information

This permission allows you to update the payment information, such as adding a new credit card or assigning a new primary payment method

  • Armor's private cloud

  • Armor Anywhere

API Keys (Users screen)

API Keys All Read

This permission allows you to view API keys that have been created.

  • Armor's private cloud

  • Armor Anywhere

API Keys (Users screen)

API Keys All Delete

This permission allows you to delete an API key.

  • Armor's private cloud

  • Armor Anywhere

API Keys (Users screen)

API Keys Self Manange

This permission allows you to create an API key.

  • Armor's private cloud

  • Armor Anywhere

Activity

View Account Activity

This permission allows you to view the account activity for your users.

  • Armor's private cloud

  • Armor Anywhere

Sub-Accounts

View Sub-Accounts

This permission allows you to view the Sub-Accounts screen

  • Armor Anywhere

Sub-Accounts

Write Sub-Accounts

This permission allows you to create and update sub-accounts.

  • Armor Anywhere


General Permissions

Screen

Permission

Description

Product Compatibility

Not applicable

Read Entity Metadata

This permission allows you to view optional notes and tags that have been added to various AMP resources, such as a note added to a virtual machine.

  • Armor's private cloud

  • Armor Anywhere

Not applicable

Write Entity Metadata

This permission allows you to add, update, and delete optional notes and tags to various AMP resource, such as adding a note to a virtual machine.

  • Armor's private cloud

  • Armor Anywhere

Not applicable

Read Documentation

This permissions allows you to view documentation related to a particular product or screen, via the Help icon in the top right corner of the AMP screen (where applicable).

  • Armor's private cloud

  • Armor Anywhere

At a minimum, users must have the following Permission assigned to their account to access AMP:

  • Update Personal Identity

Users without this Permission will immediately be signed out of AMP upon login.


Topics Discussed

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.