Security Groups

Veeam ONE creates 3 security groups on the machines where the Veeam ONE Server and Veeam ONE Web UI components are installed:

• Veeam ONE Administrators: members of this group can access monitoring data, generate reports and modify all Veeam ONE configuration settings.

This group must include the Veeam ONE service account.

• Veeam ONE Read-Only Users: members of this group can generate reports and access monitoring data in read-only mode, but cannot modify any Veeam ONE configuration settings.
• Veeam ONE Dashboard Viewers: build-in system group used by Internet Information Services to allow access to Veeam ONE dashboards.

You can access and manage security groups in the Computer Management console.

To provide access to Veeam ONE functionality for an administrator or operator, you can include this user either in the Veeam ONE Administrators or Veeam ONE Read-Only Users group. Member of these groups have access to:

• All Veeam ONE consoles (Monitor, Reporter and Business View)
• All objects of the infrastructure inventory (including VMware vSphere, vCloud Director, Microsoft Hyper-V and Veeam Backup & Replication)

Multi-Tenant Monitoring and Reporting

Veeam ONE supports multi-user access to its monitoring and reporting capabilities. Authorized users can concurrently access the same instance of Veeam ONE to monitor the health state of the virtual infrastructure and create reports.

To restrict access to sensitive infrastructure data, you can limit the scope of virtual infrastructure objects and associated data that must be available to a Veeam ONE user. Thus you can control what subset of the managed virtual infrastructure the user can see and work with. In multi-tenant environments, you can configure restricted access to Veeam ONE for owners of virtualized systems or responsible personnel and delegate monitoring and reporting tasks.