SnapCenter role-based access control (RBAC) enables you to create roles and add permissions to those roles, and then assign users or groups of users to the roles. This enables SnapCenter administrators to create a centrally managed environment, while application administrators can manage data protection jobs. SnapCenter ships with some predefined roles and permissions.
SnapCenter ships with the following predefined roles. You can either assign users and groups to these roles or create new roles.
When you assign a role to a user, only jobs that are relevant to that user are visible in the Jobs page unless you assigned the SnapCenter Admin role.
For managing VM-consistent data protection of VMs, VMDKs, and datastores, the following roles are created in vCenter by the NetApp Data Broker virtual appliance when the SnapCenter Plug-in for VMware vSphere is enabled:
The NetApp Data Broker, SnapCenter Plug-in for VMware vSphere, documentation has more information.
Data Protection Guide for VMs, Datastores, and VMDKs using the SnapCenter Plug-in for VMware vSphere
Best Practice: NetApp recommends that you create one ONTAP role for SnapCenter Plug-in for VMware vSphere operations and assign it all the required privileges.
|
SnapCenter provides the following permissions:
Plug-in privileges are required from the administrator for non-administrators to perform resource discovery operation.