Configure role-based access

To limit user access to specific functions, you can modify which roles are specified for each user account.

About this task

The Web Services Proxy includes role-based access control (RBAC), in which roles are associated with predefined users. Each role grants permissions to a specific level of functionality. You can change the roles assigned to user accounts by directly modifying the file.

Note: You can also change user accounts by using Access Management in Unified Manager. For more information, see the online help available with Unified Manager.


  1. Open the file, located in:
    • (Windows) – C:\Program Files\NetApp\SANtricity Web Services Proxy\data\config
    • (Linux) – /opt/netapp/santricity_web_services_proxy/data/config
  2. Locate the line for the user account you want to modify (storage, security, monitor, support, rw, or ro).
    Note: Do not modify the admin user. This is a super user with access to all functions.
  3. Add or remove the specified roles, as desired.
    Roles include:
    • security.admin – SSL and certificate management.
    • storage.admin – Full read/write access to storage system configuration.
    • storage.monitor – Read-only access to view storage system data.
    • support.admin – Access to all hardware resources on storage systems and support operations such as AutoSupport (ASUP) retrieval.
    Note: The storage.monitor role is required for all users, including the administrator.
  4. Save the file.