This section explains roles.
Use a command to specify the role and access scope settings for users and user groups. For details on the commands, refer to "E.6 User Operations".
By specifying a combination of role and access scope for the target user or user group, the access privileges are restricted. The access scope is restricted by specifying resource folders, resource pools, or resources in the orchestration tree.
Roles are specified from the following role names:
Resource Type | Available Operations | Role Names | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
supervisor (special administrator) | admin (administrator) | operator (operator) | monitor (monitor) | lserver_admin (L-Server administrator) | lserver_operator (L-Server operator) | lserver_monitor (L-Server monitor) | infra_admin (infrastructure administrator) | infra_operator (infrastructure operator) | ||
L-Server | Creation/Modification/Deletion | Yes | Yes | No | No | Yes | No | No | No | No |
Power Operations | Yes | Yes | Yes | No | Yes | Yes | No | No | No | |
Snapshot | Yes | Yes | Yes | No | Yes | Yes | No | No | No | |
Backup | Yes (*1) | Yes (*1) | Yes (*1) | No | Yes (*2) | Yes (*2) | No | No | No | |
Migration | Yes | Yes | No | No | No | No | No | Yes | No | |
Changing of Server Usage | Yes | Yes | Yes (*3) | No | Yes | Yes (*3) | No | No | No | |
Monitoring | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | |
Image Collection | Yes (*1) | Yes (*1) | Yes (*1) | No | Yes (*2) | Yes (*2) | No | No | No | |
Resource Pool | Use/Release of Resources | Yes | Yes | No | No | Yes | No | No | No | No |
Creation/Modification/Deletion | Yes | Yes | No | No | No | No | No | Yes | No | |
Resource Registration/Deletion | Yes (*4) | Yes (*4) | No | No | No | No | No | Yes (*4) | No | |
Monitoring | Yes | Yes | Yes | Yes | Yes | Yes | No | Yes | Yes | |
Physical server, VM host | Registration/Deletion | Yes (*5) | Yes (*5) | No | No | No | No | No | Yes (*5) | No |
Power Operations | Yes (*6) | Yes (*6) | Yes (*6) | No | No | No | No | Yes (*6) | Yes (*6) | |
Maintenance Mode Settings | Yes (*6) | Yes (*6) | No | No | No | No | No | Yes (*6) | No | |
Monitoring | Yes (*6) | Yes (*6) | Yes (*6) | Yes (*6) | Yes (*6) | Yes (*6) | No | Yes (*6) | Yes (*6) | |
Storage | Registration/Modification/Deletion of Storage Management Software | Yes | Yes | No | No | No | No | No | Yes | No |
Monitoring | Yes (*6) | Yes | Yes (*6) | Yes (*6) | Yes (*6) | Yes (*6) | No | Yes (*6) | Yes (*6) | |
Network | Creation/Modification/Deletion | Yes (*6) | Yes (*5) | No | No | No | No | No | Yes (*6) | No |
Monitoring | Yes (*6) | Yes (*5) | Yes (*6) | Yes (*6) | Yes (*6) | Yes (*6) | No | Yes (*6) | Yes (*6) | |
Address | Creation/Modification/Deletion | Yes (*6) | Yes | No | No | No | No | No | Yes (*6) | No |
User | Changing one's User Information | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Addition/Modification/Deletion of Users from one's Own User Group | Yes | Yes | No | No | Yes | No | No | Yes | No | |
Addition/Modification/Deletion of Users other than Special Administrators | Yes | No | No | No | No | No | No | No | No | |
Yes: Operation can be performed.
No: Operation cannot be performed.
*1: When the server type of an L-Server is "Physical", operation can only be performed if the access scope is not restricted.
*2: Operation is only possible when the server type is "Virtual".
*3: Operation is only possible when L-Server attributes have been configured in advance.
*4: Operation can only be performed if the access scope is not restricted.
*5: Operation can only be performed in the server tree. It can only be performed if the access scope is not restricted.
*6: If the access scope is restricted, this operation can only be performed if a resource is selected in a resource pool.
Adding Settings
This section explains how to add role settings.
Specify the role to assign to the access scope. The default setting is "admin".
Execute the rcxadm usergroup modify command.
For details on the command, refer to "E.6.2 rcxadm usergroup".
