Cloud Central accounts Edit on GitHub Request doc changes

Contributors netapp-bcammett

Each Cloud Manager system is associated with a NetApp Cloud Central account. A Cloud Central account provides multi-tenancy and enables you to organize users and resources in isolated workspaces.

A Cloud Central account enables multi-tenancy:

  • A single Cloud Central account can include multiple Cloud Manager systems that serve different business needs.

    Because users are associated with the Cloud Central account, there’s no need to configure users for each individual Cloud Manager system.

  • Within each Cloud Manager system, multiple users can deploy and manage Cloud Volumes ONTAP systems in isolated environments called workspaces.

    These workspaces are invisible to other users, unless they are shared.

When you deploy Cloud Manager, you select the Cloud Central account to associate with the system:

A screenshot of the Cloud Manager setup wizard that prompts you for the Cloud Central account in which you want to create Cloud Manager.

Account Admins can then modify the settings for this account by managing users, workspaces, and service connectors:

A screenshot that shows the Account Settings widget from which you can manage users

For step-by-step instructions, see Setting up the Cloud Central account.

Cloud Manager needs access to https://cloudmanager.cloud.netapp.com in order to connect to the Cloud Central account service. Open this URL on your firewall to ensure that Cloud Manager can contact the service.

Users, workspaces, and service connectors

The Account Settings widget in Cloud Manager enables Account Admins to manage a Cloud Central account. If you just created your account, then you’ll start from scratch. But if you’ve already set up an account, then you’ll see all the users, workspaces, and service connectors that are associated with the account.

Users

These are NetApp Cloud Central users that you associate with your Cloud Central account. Associating a user with an account and one or more workspaces in that account enables those users to create and manage working environments in Cloud Manager.

When you associate a user, you assign them a role:

  • Account Admin: Can perform any action in Cloud Manager.

  • Workspace Admin: Can create and manage resources in the assigned workspace.

Workspaces

In Cloud Manager, a workspace isolates any number of working environments from other working environments. Workspace Admins can’t access the working environments in a workspace unless the Account Admin associates the admin with that workspace.

A working environment represents a storage system:

  • A single-node Cloud Volumes ONTAP system or an HA pair

  • An on-premises ONTAP cluster in your network

  • An ONTAP cluster in a NetApp Private Storage configuration

Service connectors

A service connector is part of Cloud Manager. It runs much of the Cloud Manager software (like the user interface), except for a few Cloud Central services that it connects to (auth0 and Cloud Central accounts). The service connector runs on the virtual machine instance that was deployed in your cloud provider, or on an on-prem host that you configured.

You can use a service connector with more than one NetApp cloud data service. For example, if you already have a service connector for Cloud Manager, you can select it when you set up the Cloud Tiering service.

Examples

The following example shows an account that uses two workspaces to create isolated environments for Cloud Volumes ONTAP systems. For example, one workspace might be for a staging environment, while the other is for a production environment.

Cloud Manager and the Cloud Volumes ONTAP systems don’t actually reside in the NetApp Cloud Central account—​they’re running in a cloud provider. This is a conceptual representation of the relationship between each component.

A diagram that shows a single Cloud Central account that contains two workspaces. Each workspace is associated with the same service connector and each has their own Workspace Admin.

Here’s another example that shows the highest level of multi-tenancy by using two separate Cloud Central accounts. For example, a service provider might use Cloud Manager in one Cloud Central account to provide services for their customers, while using another account to provide disaster recovery for one of their business units.

Note that account 2 includes two separate service connectors. This might happen if you have systems in separate regions or in separate cloud providers.

Again, Cloud Manager and the Cloud Volumes ONTAP systems don’t actually reside in the NetApp Cloud Central account—​they’re running in a cloud provider. This is a conceptual representation of the relationship between each component.

A diagram that shows two Cloud Central accounts

FAQ for integration with Cloud Central accounts

Some time after you upgrade to Cloud Manager 3.7, NetApp will choose specific Cloud Manager systems to integrate with Cloud Central accounts. This FAQ can answer questions that you might have about the process.

How long does the process take?

Just a few minutes.

Will Cloud Manager be unavailable?

No, you can still access your Cloud Manager system.

What about Cloud Volumes ONTAP?

There’s no disruption to your Cloud Volumes ONTAP systems.

What happens during this process?

NetApp does the following during the integration process:

  1. Creates a new Cloud Central account and associates it with your Cloud Manager system.

  2. Assigns new roles to each existing user:

    • Cloud Manager Admins become Account Admins

    • Tenant Admins and Working Environment Admins become Workspace Admins

  3. Creates workspaces that replace existing tenants.

  4. Places your working environments in those workspaces.

  5. Associates the service connector with all workspaces.

Does it matter where I installed my Cloud Manager system?

No. NetApp will integrate systems with Cloud Central accounts no matter where they reside, whether that’s in AWS, Azure, or on your premises.