The correct permissions are View and Subscribe. In NetBackup RBAC, adding an asset to a Protection Plan is treated as subscribing the asset to that plan, not creating, updating, or managing the plan itself. Cohesity documentation describes the workflow as selecting one or more assets, clicking Add protection, choosing a protection plan, and clicking Protect; it also states that a single asset or group of assets can be subscribed to one or more protection plans. The RBAC permissions model separates plan administration from asset subscription. The role-permissions topic defines protection plans as the area used to manage how backups are performed with protection plans, while assets are managed separately under the Assets permission category. Official NetBackup RBAC guidance states that to add assets to a protection plan, the user requires View and Subscribe permissions on the protection plan, with corresponding asset permissions to view and protect the assets. Therefore, View and Subscribe is the permission pair directly aligned with adding an asset to a Protection Plan. References/topics: RBAC role permissions, Protection Plans, Subscribe an asset or asset group, and Workload asset protection workflow.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit