SnapCenter ships with pre-defined roles, each with a set of permissions already enabled. When setting up and administering role-based access control (RBAC), you can either use these pre-defined roles or create new ones.
SnapCenter includes the following pre-defined roles:
For information about pre-defined roles and permissions for SnapCenter Plug-in for VMware vSphere users, see the information about SnapCenter Plug-in for VMware vSphere.
When you add a user to a role, you must assign either the StorageConnection permission to enable storage virtual machine (SVM) communication, or assign an SVM to the user to enable permission to use the SVM. The Storage Connection permission enables users to create SVM connections.
For example, a user with the SnapCenter Admin role can create SVM connections and assign them to a user with the App Backup and Clone Admin role, which by default does not have permission to create or edit SVM connections. Without an SVM connection, users cannot complete any backup, clone, or restore operations.
The App Backup and Clone Admin role has the permissions required to perform administrative actions for application backups and clone-related tasks. This role does not have permissions for host management, provisioning, storage connection management, or remote installation.
Permissions | Enabled | Create | Read | Update | Delete |
---|---|---|---|---|---|
Resource Group | Not applicable | Yes | Yes | Yes | Yes |
Policy | Not applicable | Yes | Yes | Yes | Yes |
Backup | Not applicable | Yes | Yes | Yes | Yes |
Host | Not applicable | Yes | Yes | Yes | Yes |
Storage Connection | Not applicable | No | Yes | No | No |
Clone | Not applicable | Yes | Yes | Yes | Yes |
Provision | Not applicable | No | Yes | No | No |
Dashboard | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Reports | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Restore | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Resource | Yes | Yes | Yes | Yes | Yes |
Plug-in Install/Uninstall | No | Not applicable | Not applicable | Not applicable | |
Migration | No | Not applicable | Not applicable | Not applicable | Not applicable |
Mount | Yes | Yes | Not applicable | Not applicable | Not applicable |
Unmount | Yes | Yes | Not applicable | Not applicable | Not applicable |
Full Volume Restore | No | No | Not applicable | Not applicable | Not applicable |
The Backup and Clone Viewer role has read-only view of all permissions. This role also has permissions enabled for discovery, reporting, and access to the Dashboard.
Permissions | Enabled | Create | Read | Update | Delete |
---|---|---|---|---|---|
Resource Group | Not applicable | No | Yes | No | No |
Policy | Not applicable | No | Yes | No | No |
Backup | Not applicable | No | Yes | No | No |
Host | Not applicable | No | Yes | No | No |
Storage Connection | Not applicable | No | Yes | No | No |
Clone | Not applicable | No | Yes | No | No |
Provision | Not applicable | No | Yes | No | No |
Dashboard | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Reports | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Restore | No | No | Not applicable | Not applicable | Not applicable |
Resource | No | No | Yes | Yes | No |
Plug-in Install/Uninstall | No | Not applicable | Not applicable | Not applicable | Not applicable |
Migration | No | Not applicable | Not applicable | Not applicable | Not applicable |
Mount | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Unmount | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Full Volume Restore | No | Not applicable | Not applicable | Not applicable | Not applicable |
The Infrastructure Admin role has permissions enabled for host management, storage management, provisioning, resource groups, remote installation reports, and access to the Dashboard.
Permissions | Enabled | Create | Read | Update | Delete |
---|---|---|---|---|---|
Resource Group | Not applicable | Yes | Yes | Yes | Yes |
Policy | Not applicable | No | Yes | Yes | Yes |
Backup | Not applicable | Yes | Yes | Yes | Yes |
Host | Not applicable | Yes | Yes | Yes | Yes |
Storage Connection | Not applicable | Yes | Yes | Yes | Yes |
Clone | Not applicable | No | Yes | No | No |
Provision | Not applicable | Yes | Yes | Yes | Yes |
Dashboard | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Reports | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Restore | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Resource | Yes | Yes | Yes | Yes | Yes |
Plug-in Install/Uninstall | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
Migration | No | Not applicable | Not applicable | Not applicable | Not applicable |
Mount | No | Not applicable | Not applicable | Not applicable | Not applicable |
Unmount | No | Not applicable | Not applicable | Not applicable | Not applicable |
Full Volume Restore | No | No | Not applicable | Not applicable | Not applicable |