Before mapping groups to roles, review the guidelines.
The RBAC (role-based access control) capabilities include the following roles:
- Storage admin – Full read/write access to storage objects on the arrays, but no access to the security configuration.
- Security admin – Access to the security configuration in Access Management and Certificate Management.
- Support admin – Access to all hardware resources on storage arrays, failure data, and MEL events. No access to storage objects or the security configuration.
- Monitor – Read-only access to all storage objects, but no access to the security configuration.
Note: The Monitor role is required for all users, including the administrator.
If you are using an LDAP (Lightweight Directory Access Protocol) server and Directory Services, make sure that:
- An administrator has defined user groups in the directory service.
- You know the group domain names for the LDAP user groups.