SnapDrive commands and capabilities
In role-based access control (RBAC), a specific capability is required for each operation to be successful. A user must have the correct set of capabilities assigned to carry out storage operations.
The following table lists the commands and the corresponding capabilities required:
| Command |
Capability |
|
SD.Storage.Read on volume
|
|
SD.Storage.Read on volume
|
|
|
|
|
|
|
|
SD.SnapShot.Read on volume
|
|
SD.SnapShot.Read on volume
|
|
SD.Storage.Delete on volume
|
|
SD.Storage.Write on volume
|
|
-
For LUN clones in volume: SD.SnapShot.Clone on volume
-
For LUN clones in qtree: SD.SnapShot.Clone on qtree
-
For traditional volume clones: SD.SnapShot.Clone on storage system
-
For FlexClone volume: SD.SnapShot.Clone on the parent volume
-
For unrestricted Flexclone volumes: SD.SnapShot.UnrestrictedClone on the parent volume
|
|
-
For LUN clones (LUN cloned and split in volume): SD.SnapShot.Clone on volume and SD.Storage.Write on volume
-
For LUN clones (LUN cloned and split in qtree): SD.SnapShot.Clone on qtree and SD.Storage.Write on qtree
-
For traditional volume clones which are split: SD.SnapShot.Clone on storage system and SD.Storage.Write on storage system
-
For Flex volume clones which are split: SD.SnapShot.Clone on the parent volume.
|
|
|
|
-
For LUN clones where the LUN resides in volume or qtree: SD.SnapShot.Clone containing volume or qtree
-
For volume clones: SD.SnapShot.Clone on the parent volume
-
For deletion of unrestricted volume clones: SD.SnapShot.DestroyUnrestrictedClone on the volume
|
|
-
For LUN clones where the LUN resides in volume or qtree: SD.SnapShot.Clone on the containing volume or qtree
-
For volume clones: SD.Storage.Delete on the parent volume
-
For deletion of unrestricted volume clones: SD.SnapShot.DestroyUnrestrictedClone on the volume
|
|
-
For LUNs that exist in a volume: SD.SnapShot.Restore on volume and SD.Storage.Write on LUN
-
For LUNs which exists in a qtree: SD.SnapShot.Restore on qtree and SD.Storage.Write on LUN
-
For LUNs which are not in the volumes: SD.SnapShot.Restore on volume and SD.Storage.Write on volume
-
For LUNs which are not in qtree: SD.SnapShot.Restore on qtree and SD.Storage.Write on qtree
-
For volumes: SD.SnapShot.Restore on storage system for traditional volumes, or SD.SnapShot.Restore on aggregate for flexible volumes
-
For single-file snap restore in volumes: SD.SnapShot.Restore on the volume
-
For single-file snap restore in qtree: SD.SnapShot.Restore qtree
-
For overriding baseline Snapshot copies: SD.SnapShot.DisruptBaseline on the volume
|
host connect, host disconnect
|
SD.Config.Write on the LUN
|
|
SD.Config.Read on the storage system
|
|
SD.Config.Write on at least one storage system
|
|
SD.Config.Read on at least one storage system
|
|
SD.Config.Read on at least one storage system
|
|
SD.Config.Write on storage system
|
config set -dfm, config set -mgmtpath,
|
SD.Config.Write on at least one storage system
|
|
SD.Config.Delete on storage system
|
config delete dfm_appliance, config delete -mgmtpath
|
SD.Config.Delete on at least one storage system
|
|
SD.Config.Read on at least one storage system
|
|
SD.Config.Write on at least one storage system
|
|
SD.Config.Delete on at least one storage system
|
|
SD.Config.Read on at least one storage system
|
|
SnapDrive for UNIX does not check any capability for administrator (root).
|
Suggest changes
PDFs