Role based access control (rbac), Rbac details – HP Insight Management-Software User Manual
Page 11
Role based Access Control (RBAC)
Role based access control allows you to designate which operations and resources can be
manipulated.
RBAC Details
VCEM provides the following role based user types. Individual VCEMCLI commands require different
access permissions based on the resource involved and the read or write operation being called.
Access is determined based on the credentials used by VCEMCLI.
•
VCEM Administrator—Manages all VCEM resources. All operations are permitted to all
resources.
•
VCEM Domain Group Administrator—Manages VC Domains and server profiles in one or
more VC Domain Groups.
•
VCEM Domain Group Limited Operator—Manages the same tasks as the VCEM Domain Group
Operator except for creating, editing, and deleting a server profile.
•
VCEM Domain Group Operator—Manages server profiles in one or more VC Domain Groups.
•
VCEM User (Read Only)—Has read-only access to all VCEM resources.
lists command line options and the role-based user access privileges that can use the
commands.
Table 2 RBAC privileges
VCEM User
(read only)
VCEM
Group
VCEM
Group
Operator
VCEM
Group
Administrator
VCEM
Administrator
Command line options
Limited
Operator
x
x
x
-add profile
x
x
x
-set profile
x
x
x
x
-assign profile
x
x
x
x
-unassign profile
x
x
x
-add enet-connection
x
x
x
-set enet-connection
x
x
x
-remove enet-connection
x
x
x
-add fc-connection
x
x
x
-set fc-connection
x
x
x
-remove fc-connection
x
x
x
-add fcoe-connection
x
x
x
-set fcoe-connection
x
x
x
-remove fcoe-connection
x
x
x
-add iscsi-connection
x
x
x
-set iscsi-connection
x
x
x
-remove iscsi-connection
x
x
x
-add server-port-map
x
x
x
-set server-port-map
x
x
x
-remove server-port-map
Role based Access Control (RBAC)
11