AMP Screen | Permission | Description |
---|
Security Dashboard (landing page) | Read Dashboard Statistics | This permission allows you to view the widgets (and corresponding data) that populate the security dashboard. These widgets display a high-level status of your virtual machines, agents, and open security incidents. |
Malware Protection | Read AVAM | This permission allows you to view antivirus and anti-malware (malware protection) details for each virtual machine. |
FIM | Read FIM | This permission allows you to view file integrity details for each virtual machine. |
Patching | Read OS Packages | This permission allows you to view details OS patching details for each virtual machine. |
Intrusion Detection | Read IDS | This permission allows you to view intrusion detection data. |
Log & Data Management | Read LogManagement | This permission allows you to view high-level information for log collection for each virtual machine, such as: - Date logs were last received
- Average size of collected logs
- Log Status
|
Log Management | Read LogSearch | This permission allows you to view details for log collection, such as the specific log message, for each virtual machine. |
Log Management | Write LogManagement | This permission allows you to update the log management service, specifically the permission to upgrade the log retention plan. |
Firewall | Read Firewall | This permission allows you to view details for firewall rules for each virtual machine. |
Firewall | Write Firewall | This permission allows you to add, update, or delete firewall rules. |
Marketplace | Read Product Catalog | This permission allows you to view available add-on products. You must have this permission enabled in your account in order to view purchased services and also to order new services in AMP. |
Marketplace (and My Products) | View Subscriptions | This permission allows you to view subscription-based add-on products in the My Products screen of the User Details screen. |
Marketplace (and My Products) | Write Subscriptions | This permission allows you to view the Armor Marketplace, as well as add and cancel subscription-based add-on products. Specifically, you can add the subscription in the Armor Marketplace, and then cancel the subscription in the My Products screen of the User Details screen. |
Workloads | Read Workload(s) | This permission allows you to view high-level data for workloads, such as - the associated data center
- the number of tiers within the workload
- the number of virtual machines within the workload
|
Workloads | Write Workload | This permission allows you to create, update, and remove workloads and tiers. |
Virtual Machines / VM Details | Write Orders | This permission allows you to provision a new virtual machine. |
Virtual Machines / VM Details | Read Virtual Machine Stats | This permission allows you to view usage data for a virtual data. This data is displayed in a line graph. |
Virtual Machines / VM Details | Read Virtual Machine(s) | This permission allows you to view data for a virtual machine, such as - Operating system
- Size
- Corresponding workload
- Status
|
Virtual Machines / VM Details | Scale Virtual Machine | This permission allows you upgrade or downgrade (resize) the size of a virtual machine. |
Virtual Machines / VM Details | Write Virtual Machine | This permission allows you to create, update, and remove virtual machines. |
Virtual Machines / VM Details | Read Location(s) | This permission allows you to view a list of available Armor data centers when you manage your virtual machines. |
Virtual Machines / VM Detail | Read Virtual Data Centers | This permission allows you to view the list of virtual environments in your account. |
Virtual Machines | Read Server Replication | This permission allows you to view high-level data for the server replication (disaster recovery) add-on product. Specifically, this permission allows you to view: - The status of the add-on product (configuring, enabled, disabled)
- The location of the primary data center
- The location of the failover data center
- The status of the replication
|
Virtual Machines | Write Server Replication | This permission allows you to order and cancel the server replication add-on product. |
Virtual Machines | Read Tasks | This permission allows you to view pending tasks, such as a scheduled delete or downsize of a virtual machine. |
Virtual Machines | Write Tasks | This permission allows you to schedule a delete or downsize of a virtual machine. |
Virtual Machines | Read Storage | This permission allows you to view disk and storage information for a virtual machine. |
IP Addresses | Read Network IP | This permission allows you to view data for unassigned and assigned public and private IP addresses |
IP Addresses | Write Network IP | This permission allows you to update an IP address, such as: - Assign an IP addresses
- Unassign an IP addresses
- Delete IP address
- Request a new public IP address
|
IP Addresses | Read Network NAT | This permission allows you to view DNAT assignments. |
IP Addresses | Write Network NAT | This permission allows you to add and remove DNAT assignments. |
L2L VPN | Read Network L2L | This permission allows you to view high-level data for your L2L network tunnels. |
L2L VPN | Write Network L2L | This permission allows you to add, update, and remove L2L tunnels. |
SSL/VPN | Read SSL VPN Devices and Users | This permission allows you to view the status of your users' SSL VPN client. |
SSL/VPN | Write SSL VPN Devices and User | This permission allows you to enable your users the ability to download and install the SSL VPN client. |
Compliance | Read Compliance | This permission allows you to view information for the vulnerability scanning add-on product information. Specifically, you will see the status of the add-on product. |
Compliance | Write Compliance | This permission allows you to upgrade, downgrade, or delete the vulnerability scanning add-on product. |
Tickets | Read Ticket(s) | This permission allows you to view support tickets listed in the ViewArchivedTickets section. |
Overview (Account screen) | Read Identity | This permission allows you to view the account-level information, such as - Account overview
- Armor contacts
- User profiles
- Roles and permissions
|
User Detail | Update Personal Identity | This permission allows you to update your personal account information, such as your: - Password
- Challenge Phrase
- Challenge Response
|
User Detail | Read Notification(s) | This permission allows you to view the notification preferences for your users, such as a user's preference to receive an email regarding technical updates. |
Not applicable | Read Entity Metadata | This permission allows you to view optional notes and tags that have been added to various AMP resources, such as a note added to a virtual machine. |
Not applicable | Write Entity Metadata | This permission allows you to add, update, and delete optional notes and tags to various AMP resource, such as adding a note to a virtual machine. |
Not applicable | Global Search | This permission allows you to use the global search function throughout AMP. |