Roles provide different levels of access to different types of users within your organization. These roles range from a “Super Admin” who has full access to all operations within the Clumio UI, to a Reporting/Audit Admin that has view only access to the UI and can generate reports.

From the Roles tab, you can view details about the available roles, and see the number of users assigned to each role. To assign a role to a user, or to change a user’s role, go to the Users tab.

The available roles and their permissions are as follows. There must always be at least one user who is assigned the Super Admin role. For other roles, there is no minimum or maximum number of users that can be assigned.

  • Super Admin: A user with the Super Admin role has full access to all operations within the UI, including organization-wide settings and granular record retrieval. The Super Admin cannot change their own role.
  • Organizational Unit Admin: Within their assigned Organizational Unit, a user with the OU Admin role has full access to all operations within the UI, with the exception of organization-wide settings. They have full access to databases, and can perform granular record retrieval.
  • Application Admin: A user with the Application Admin role has full access to all operations within the UI, with the exception of organization-wide settings. They have full access to databases, and can perform granular record retrieval.
  • Backup Admin: A user with the Backup Admin role can create policies, manage data sources, and schedule backups. They can perform all restores, including file and email level restores, but cannot do granular record retrieval. They do not have access to organization-wide settings.
  • Helpdesk Admin: A user with the Helpdesk Admin role has full access to API tokens, tasks, alerts, and audit logs. They have view access to policies, data sources, and reports. They can perform on-demand backups, and all restores, including file and email level restores, but cannot do granular record retrieval. They do not have access to organization-wide settings.
  • Reporting/Audit Admin: A user with the Reporting/Audit Admin role has view access to dashboards, policies, data sources, alerts and audit logs. They can view and generate reports.

The following table shows the role permissions by task:

PermissionsReporting/Audit AdminHelpdesk AdminBackup AdminApplication AdminOrganizational Unit AdminSuper Admin
Policies: Create or edit__xxxx
Policies:Viewxxxxxx
Data sources: Add, edit, delete__xxxx
Data sources: Viewxxxxxx
Backups: Perform scheduled backups__xxxx
Backups: Perform on-demand backups_xxxxx
Restores: Perform full and granular restores_xxxxx
Restores: Perform redirected granular restores*
Only applies to EBS/EC2 data sources.
_xxxxx
Restores: Perform granular record retrieval*
Only applies to RDS data sources.
___xxx
Reports:Generate and save reportsx_xxxx
Reports: Export reportsxxxxxx
Organization-wide settings____x (within the assigned OU)x

x = has permission

– = no permission

*\ Does not apply to S3.

Assign a user role

You can assign a user role in two ways:

  • For new users, choose a role when you invite them. See Invite a user for details.
  • For existing users, go to Administration > Access Management > Users, and click the edit icon in the Assigned role and organizational unit column to change the assigned role. See Change a user role for details.