The SQL Clone permission system allows organisations to comply with current legislation on privacy when database images contain real personal data or sensitive business data. It also means that users are presented with only the relevant and appropriate information and nothing else.

SQL Clone identifies users via Windows logins and groups. A SQL Clone administrator can assign users and groups to Clone user roles, to control who can do what with SQL Clone.

Each SQL Clone user can also be assigned to a team and will then have access only to those resources (images and instances) that are also assigned to that team. All this can be controlled via the web-based user-interface, on the Permissions page in Settings, or via PowerShell.

User roles overview

When you turn on permissions, only you will be able to access and administrate Clone until you grant other users access. The users tab allows you to control which Active Directory users or groups have this access.

You can grant each principal access as one of three roles - clone-only, standard, or administrator. A complete description of these roles is available on the main user roles page.

Teams overview

User roles allow you to control how much general power each user has in SQL Clone, but if you also want to restrict access to specific images, instances, or clones, you can use the teams feature introduced in SQL Clone 4.

With teams, you can give different users different views of your Clone infrastructure, such as keeping higher environments accessible only to certain users, or giving each development team access to just their own instances and images, preventing confusion or accidental deletion of another team's resources. Learn more on the main teams page.