Skip to main content
본 한국어 번역은 사용자 편의를 위해 제공되는 기계 번역입니다. 영어 버전과 한국어 버전이 서로 어긋나는 경우에는 언제나 영어 버전이 우선합니다.

최소 권한으로 ONTAP 클러스터 역할을 생성합니다

기여자

SnapCenter에서 작업을 수행하기 위해 ONTAP 관리자 역할을 사용할 필요가 없도록 최소 권한으로 ONTAP 클러스터 역할을 생성해야 합니다. 여러 ONTAP CLI 명령을 실행하여 ONTAP 클러스터 역할을 생성하고 최소 권한을 할당할 수 있습니다.

  • 단계 *

    1. 스토리지 시스템에서 역할을 생성하고 역할에 모든 권한을 할당합니다.

      'Security login role create – vserver <cluster_name\> - role <role_name\> - cmddirname <permission\>'

    참고 각 권한에 대해 이 명령을 반복해야 합니다.
    1. 사용자를 생성하고 해당 사용자에게 역할을 할당합니다.

      '보안 로그인 생성 - 사용자 <user_name\> - vserver <cluster_name\> - application ontapi - AuthMethod password - role <role_name\>'

    2. 사용자 잠금을 해제합니다.

      '보안 로그인 잠금 해제 - 사용자 <user_name\> - vserver <cluster_name\>'

클러스터 역할을 생성하고 권한을 할당하는 ONTAP CLI 명령입니다

클러스터 역할을 생성하고 권한을 할당하려면 몇 가지 ONTAP CLI 명령을 실행해야 합니다.

참고 SnapCenter 5.0부터는 클러스터 관리자가 REST API를 사용하는 경우에만 지원됩니다. 비 클러스터 관리자를 사용하여 역할을 생성하려면 ZAPI를 사용해야 합니다.
  • security login role create -vserver Cluster_name or cluster_name -role Role_Name -cmddirname "metrocluster show" -access readonly

  • security login role create -vserver Cluster_name or cluster_name -role Role_Name -cmddirname "cluster identity modify" -access all

  • security login role create -vserver Cluster_name -role Role_Name -cmddirname "cluster identity show" -access all

  • security login role create -vserver Cluster_name -role Role_Name -cmddirname "cluster modify" -access all

  • security login role create -vserver Cluster_name -role Role_Name -cmddirname "cluster peer show" -access all

  • security login role create -vserver Cluster_name -role Role_Name -cmddirname "cluster show" -access all

  • security login role create -vserver Cluster_name -role Role_Name -cmddirname "event generate-autosupport-log" -access all

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "job history show" - access all'

  • security login role create -vserver Cluster_name -role Role_Name -cmddirname "job show" -access all

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "job stop" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun igroup add" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun igroup create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun igroup delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun igroup modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun igroup rename" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun igroup show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun mapping add-reporting-nodes" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun mapping create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun mapping delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun mapping remove-reporting-nodes" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun mapping show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun move-in-volume" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun offline" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun online" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun persistent-reservation clear" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun resize" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun serial" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "lun show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "network interface create" - access readonly

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "network interface delete" - access readonly'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "network interface modify" - access readonly

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname' network interface show "-access readonly

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "security login" - access readonly'

  • 'Security login role create - role_Name - cmddirname "SnapMirror create" - vserver Cluster_name - access all'

  • 'Security login role create - role_Name - cmddirname "SnapMirror list-destinations" - vserver Cluster_name - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "SnapMirror policy add-rule" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "SnapMirror policy create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "SnapMirror policy delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "SnapMirror policy modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "snapmirror policy modify -rule" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "SnapMirror policy remove-rule" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "SnapMirror policy show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "SnapMirror restore" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "snapmirror show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "snapmirror show-history" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "SnapMirror update" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "SnapMirror update-ls-set" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "system license add" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "system license clean-up" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "system license delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname' system license show "-access all'을 참조하십시오

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "system license status show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "system node modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname' system node show "-access all'을 선택합니다

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "system status show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "version" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume clone create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume clone show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume clone split start" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume clone split stop" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume destroy" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume file clone create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume file show -disk-usage" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume modify" - access all'

  • security login role create -vserver Cluster_name -role Role_Name -cmddirname "volume snapshot modify-snaplock-expiry-time" -access all

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume offline" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume online" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume qtree create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume qtree delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume qtree modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume qtree show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume restrict" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume snapshot create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume snapshot delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume snapshot modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume snapshot promote" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume snapshot rename" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume snapshot restore" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume snapshot restore-file" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume snapshot show" - access all'

  • security login role create -vserver Cluster_name -role Role_Name -cmddirname "volume snapshot show-delta" -access all

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "volume unmount" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver cifs create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver cifs delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver cifs modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver cifs share modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver cifs share create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver cifs share delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver cifs share modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver cifs share show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver cifs show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver export-policy create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver export - policy delete" - access all'

  • '보안 로그인 역할 생성 - vserver Cluster_name - role Role_Name - cmddirname "vserver export-policy rule create" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver export-policy rule delete" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver export-policy rule modify" - access all'

  • '보안 로그인 역할 생성 - vserver Cluster_name - role Role_Name - cmddirname "vserver export-policy rule show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver export-policy show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver iscsi connection show" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver modify" - access all'

  • 'Security login role create - vserver Cluster_name - role Role_Name - cmddirname "vserver show" - access all'