Standard Roles and Groups
This section provides an overview of the standard roles and groups that are used by SAP Landscape Management.
Verify whether the specific SAP Landscape Management actions, permissions, roles, and groups listed in the table below are set appropriately in the User Management Engine (UME) depending on your requirements.
Group |
Role |
Actions |
Description |
---|---|---|---|
|
|
|
Can perform forced operations, manage logs and operations on multiple systems simultaneously, in addition to the actions allowed by the SAP_LVM_OPERATOR and SAP_LVM_CONFIGURATOR roles. |
|
|
|
Can view the details of instances, hosts, virtual platform elements, pools, networks, and characteristics. Can execute secure custom processes for which no authorization is set. |
|
|
|
Can configure finely grained object permissions, in addition to the actions allowed by the SAP_LVM_ADMIN role. |
|
|
|
Can schedule or perform operations on instances and virtual systems, in addition to the actions allowed by the SAP_LVM_READONLY role. Operators can schedule or perform operations on instances within one system at a time. |
|
|
|
Can execute, schedule, and manage operation templates, provisioning templates, and custom processes, in addition to the actions allowed by the SAP_LVM_OPERATOR role. |
|
|
|
Can add, edit, or import the configuration of instances, hosts, pools, networks, and characteristics, in addition to the actions allowed by the SAP_LVM_READONLY role. |
|
|
|
Can configure infrastructure settings and SAP Landscape Management settings. |
|
|
|
Can perform calls to the SAP Landscape Management Rest API. In addition, users need the permissions for the actual domain-specific activities. |
|
|
|
|