This section explains roles.
For details on how to configure roles and access scopes for users and user groups, refer to "1.6 User Operations" of the "Reference Guide (Resource Management) CE".
By specifying a combination of role and access scope for the target user or user group, the access privileges are restricted. The access scope is restricted by specifying resource folders, resource pools, or resources in the orchestration tree.
For the following users, only orchestration tree can be used since resources that can be referred are restricted. Switchover to other trees is not possible.
Users with restricted access
Users for which service administrative roles are configured
For details on trees, refer to "1.1 ROR Console" of the "User's Guide for Infrastructure Administrators (Resource Management) CE".
Roles are specified from the following role names:
Operation Scopes of Roles
Resource Types | Operations | Operator (Role) | ||
|---|---|---|---|---|
Infrastructure Administrator infra_admin | Infrastructure Operator infra_operator | Infrastructure Monitor monitor | ||
Application Process | Approval | No | No | No |
Evaluation | Yes | No | No | |
L-Server/L-Platform | Creation | No | No | No |
Modification/Movement/Deletion | No | No | No | |
Power operation (Usage change) (*1) | No | No | No | |
Console Screen Acquisition | No | No | No | |
Snapshot/Backup | No | No | No | |
Image Collection | No | No | No | |
Monitoring | Yes | Yes | Yes | |
Maintenance of L-Servers | Migration | Yes | No | No |
Conversion/Reversion | Yes | No | No | |
Modification to an L-Server for the infrastructure administrator | No | No | No | |
L-Server Templates | Import/Modification/Deletion | Yes | No | No |
Export | Yes | Yes | No | |
Viewing | Yes | Yes | Yes | |
L-Platform Templates | Create new templates | Yes | No | No |
Copying/Modification/Deletion | Yes | No | No | |
Viewing | Yes | Yes (*4) | Yes (*4) | |
L-Server for infrastructure administrator | Creation/Modification/Movement/Deletion | Yes | No | No |
Power operation (Usage change) | Yes | Yes | No | |
Console Screen Acquisition | Yes | Yes | No | |
Snapshot/Backup | Yes | Yes | No | |
Image Collection | Yes | Yes | No | |
Monitoring | Yes | Yes | Yes | |
Maintenance of the L-Server for the infrastructure administrator | Migration | Yes | No | No |
Modification of L-Servers | No | No | No | |
Resource Pool | Creation/Modification/Movement/Deletion | Yes | No | No |
Resource registration/deletion (*2) | Yes | No | No | |
Migration of resources between resource pools | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
Physical Server | Registration/Deletion | Yes | No | No |
Power Operations (*3) | Yes | Yes | No | |
Console Screen Acquisition | Yes | Yes | No | |
Maintenance Mode Settings | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
VM Hosts | Registration/Deletion | Yes | No | No |
Power Operations | Yes | Yes | No | |
Maintenance Mode Settings | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
Storage Management Software | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Disks | Registration/Deletion (*2) | Yes | No | No |
Modification | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
Network | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Address | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Image | Modification | Yes | No | No |
Deletion | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
Chassis | Creation/Modification/Deletion | Yes | No | No |
Power Operations | Yes | Yes | No | |
Monitoring | Yes | Yes | Yes | |
Power Monitoring Device | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Network Devices | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Network Configuration Information | Import | Yes | No | No |
Export | Yes | No | No | |
Server NIC Definitions | Reflect/Display | Yes | No | No |
Pre-configuration | Download | Yes | No | No |
Tenant Folders | Creation/Modification/Movement/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Resource Folders | Creation/Modification/Movement/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
L-Server batch power operations under resource folders | No | No | No | |
Users | Modification of individual information | Yes | Yes | Yes |
Addition/Modification/Deletion of users in the user group the user belongs to | Yes | No | No | |
Addition/Modification/Deletion of users in other user groups | Yes | No | No | |
Viewing | Yes | Yes | Yes | |
User registration on the manager during directory service authentication | Yes | No | No | |
Release of user registration during directory service authentication | Yes | No | No | |
User Groups | Creation/Modification/Deletion | Yes | No | No |
Viewing | Yes | Yes | Yes | |
L-Platform Templates | Creation | Yes | No | No |
Copying | Yes | No | No | |
Modification/Deletion | Yes | No | No | |
Viewing | Yes | Yes (*4) | Yes (*4) | |
L-Platform Template | Creation | Yes | No | No |
Copying | Yes | No | No | |
Modification/Deletion/Display Modification | Yes | No | No | |
Viewing | Yes | Yes (*4) | Yes (*4) | |
L-Platform Template | Creation | Yes | No | No |
Modification/Deletion | Yes | No | No | |
Viewing | Yes | Yes (*4) | Yes (*4) | |
L-Platform Template | Creation | Yes | No | No |
Copying | Yes | No | No | |
Modification/Deletion/Display Modification | Yes | No | No | |
Viewing | Yes | Yes (*4) | Yes (*4) | |
*1: Usage changes are only possible when L-Server attributes have been configured in advance.
*2: Users whose access scopes are not restricted should perform resource registration.
*3: The power operations are also available from BladeViewer.
*4: Information about L-Platform templates can only be obtained using the L-Platform API.
Resource Types | Operations | Operator (Role) | ||
|---|---|---|---|---|
Tenant Administrator tenant_admin | Tenant Operator tenant_operator | Tenant Monitor tenant_monitor | ||
Application Process | Approval | Yes (*1) | No | No |
Evaluation | No | No | No | |
L-Server/L-Platform | Creation | Yes | No | No |
Modification/Movement/Deletion | Yes | No | No | |
Power operation (Usage change) (*2) | Yes | Yes | No | |
Console Screen Acquisition | Yes | Yes | No | |
Snapshot/Backup | Yes | Yes | No | |
Image Collection | Yes | Yes | No | |
Monitoring | Yes | Yes | Yes | |
Maintenance of L-Servers | Migration | No | No | No |
Conversion/Reversion | No | No | No | |
Modification to an L-Server for the infrastructure administrator | No | No | No | |
L-Server Templates | Import/Modification/Deletion | No | No | No |
Export | No | No | No | |
Viewing | Yes | No | No | |
L-Platform templates | Create new templates | No | No | No |
Copying/Modification/Deletion | Yes (*3) | No | No | |
Viewing | Yes | Yes (*6) | Yes (*6) | |
L-Server for infrastructure administrator | Creation/Modification/Movement/Deletion | No | No | No |
Power operation (Usage change) | No | No | No | |
Console Screen Acquisition | No | No | No | |
Snapshot/Backup | No | No | No | |
Image Collection | No | No | No | |
Monitoring | No | No | No | |
Maintenance of the L-Server for the infrastructure administrator | Migration | No | No | No |
Modification of L-Servers | No | No | No | |
Resource Pool | Creation/Modification/Movement/Deletion | No | No | No |
Resource registration/deletion (*4) | Yes | No | No | |
Migration of resources between resource pools | Yes | No | No | |
Monitoring | Yes | Yes | No | |
Physical Server | Registration/Deletion | No | No | No |
Power Operations (*5) | No | No | No | |
Console Screen Acquisition | No | No | No | |
Maintenance Mode Settings | No | No | No | |
Monitoring | Yes | Yes | No | |
VM Hosts | Registration/Deletion | No | No | No |
Power Operations | No | No | No | |
Maintenance Mode Settings | No | No | No | |
Monitoring | Yes | Yes | No | |
Storage Management Software | Creation/Modification/Deletion | No | No | No |
Monitoring | Yes | Yes | No | |
Disks | Registration/Deletion (*4) | Yes | No | No |
Modification | Yes | No | No | |
Monitoring | Yes | Yes | No | |
Network | Creation/Modification/Deletion | No | No | No |
Monitoring | Yes | Yes | No | |
Address | Creation/Modification/Deletion | No | No | No |
Monitoring | Yes | Yes | No | |
Image | Modification | Yes | No | No |
Deletion | Yes | No | No | |
Monitoring | Yes | Yes | No | |
Chassis | Creation/Modification/Deletion | No | No | No |
Power Operations | No | No | No | |
Monitoring | No | No | No | |
Power Monitoring Device | Creation/Modification/Deletion | No | No | No |
Monitoring | No | No | No | |
Network Devices | Creation/Modification/Deletion | No | No | No |
Monitoring | Yes | Yes | No | |
Network Configuration Information | Import | No | No | No |
Export | No | No | No | |
Server NIC Definitions | Reflect/Display | No | No | No |
Pre-configuration | Download | No | No | No |
Tenant Folders | Creation/Modification/Movement/Deletion | No | No | No |
Monitoring | Yes | Yes | Yes | |
Resource Folders | Creation/Modification/Movement/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
L-Server batch power operations under resource folders | Yes | Yes | No | |
Users | Modification of individual information | Yes | Yes | Yes |
Addition/Modification/Deletion of users in the user group the user belongs to | Yes | No | No | |
Addition/Modification/Deletion of users in other user groups | No | No | No | |
Viewing | Yes | Yes | Yes | |
User registration on the manager during directory service authentication | Yes | No | No | |
Release of user registration during directory service authentication | Yes | No | No | |
User Groups | Creation/Modification/Deletion | No | No | No |
Viewing | Yes | Yes | Yes | |
L-Platform Templates | Creation | Yes | No | No |
Copying | Yes | No | No | |
Modification/Deletion | Yes | No | No | |
Viewing | Yes | Yes (*6) | Yes (*6) | |
L-Platform Template | Creation | Yes | No | No |
Copying | Yes | No | No | |
Modification/Deletion/Display Modification | Yes | No | No | |
Viewing | Yes | Yes (*6) | Yes (*6) | |
L-Platform Template | Creation | Yes | No | No |
Modification/Deletion | Yes | No | No | |
Viewing | Yes | Yes (*6) | Yes (*6) | |
L-Platform Template | Creation | No | No | No |
Copying | Yes | No | No | |
Modification/Deletion/Display Modification | Yes | No | No | |
Viewing | Yes | Yes (*6) | Yes (*6) | |
*1: Tenant administrators approve L-Platform applications submitted by tenant users or other tenant administrators.
*2: Usage changes are only possible when L-Server attributes have been configured in advance.
*3: Only the data that the user copied can be changed or deleted.
*4: Users whose access scopes are not restricted should perform resource registration.
*5: The power operations are also available from BladeViewer.
*6: Information about L-Platform templates can only be obtained using the L-Platform API.
Resource Types | Operations | Tenant User | L-Platform User |
|---|---|---|---|
Application Process | Approval | No | No |
Evaluation | No | No | |
L-Server/L-Platform | Creation | Yes | No |
Modification/Movement/Deletion | No | Yes | |
Power operation (Usage change) (*1) | No | Yes | |
Console Screen Acquisition | No | Yes | |
Snapshot/Backup | No | Yes | |
Image Collection | No | No | |
Monitoring | No | Yes | |
Maintenance of L-Servers | Migration | No | No |
Conversion/Reversion | No | No | |
Modification to an L-Server for the infrastructure administrator | No | No | |
L-Server Templates | Import/Modification/Deletion | No | No |
Export | No | No | |
Viewing | Yes | Yes | |
L-Platform Templates | Create new templates | No | No |
Copying/Modification/Deletion | No | No | |
Viewing | Yes | Yes | |
L-Server for infrastructure administrator | Creation/Modification/Movement/Deletion | No | No |
Power operation (Usage change) | No | No | |
Console Screen Acquisition | No | No | |
Snapshot/Backup | No | No | |
Image Collection | No | No | |
Monitoring | No | No | |
Maintenance of the L-Server for the infrastructure administrator | Migration | No | No |
Modification of L-Servers | No | No | |
Resource Pool | Creation/Modification/Movement/Deletion | No | No |
Resource registration/deletion (*2) | No | No | |
Migration of resources between resource pools | No | No | |
Monitoring | Yes | Yes | |
Physical Server | Registration/Deletion | No | No |
Power Operations (*3) | No | No | |
Console Screen Acquisition | No | No | |
Maintenance Mode Settings | No | No | |
Monitoring | Yes | Yes | |
VM Hosts | Registration/Deletion | No | No |
Power Operations | No | No | |
Maintenance Mode Settings | No | No | |
Monitoring | Yes | Yes | |
Storage Management Software | Creation/Modification/Deletion | No | No |
Monitoring | Yes | Yes | |
Disks | Registration/Deletion (*2) | No | No |
Modification | No | No | |
Monitoring | Yes | Yes | |
Network | Creation/Modification/Deletion | No | No |
Monitoring | Yes | Yes | |
Address | Creation/Modification/Deletion | No | No |
Monitoring | Yes | Yes | |
Image | Modification | No | No |
Deletion | No | No | |
Monitoring | Yes | Yes | |
Chassis | Creation/Modification/Deletion | No | No |
Power Operations | No | No | |
Monitoring | No | No | |
Power Monitoring Device | Creation/Modification/Deletion | No | No |
Monitoring | No | No | |
Network Devices | Creation/Modification/Deletion | No | No |
Monitoring | Yes | Yes | |
Network Configuration Information | Import | No | No |
Export | No | No | |
Server NIC Definitions | Reflect/Display | No | No |
Pre-configuration | Download | No | No |
Tenant Folders | Creation/Modification/Movement/Deletion | No | No |
Monitoring | Yes | Yes | |
Resource Folders | Creation/Modification/Movement/Deletion | No | No |
Monitoring | Yes | Yes | |
L-Server batch power operations under resource folders | No | No | |
Users | Modification of individual information | Yes | Yes |
Addition/Modification/Deletion of users in the user group the user belongs to | No | No | |
Addition/Modification/Deletion of users in other user groups | No | No | |
Viewing | Yes | Yes | |
User registration on the manager during directory service authentication | No | No | |
Release of user registration during directory service authentication | No | No | |
User Groups | Creation/Modification/Deletion | No | No |
Viewing | Yes | Yes | |
L-Platform Templates | Creation | No | No |
Copying | No | No | |
Modification/Deletion | No | No | |
Viewing | Yes | No | |
L-Platform templates | Creation | No | No |
Copying | No | No | |
Modification/Deletion/Display Modification | No | No | |
Viewing | Yes | No | |
L-Platform templates | Creation | No | No |
Modification/Deletion | No | No | |
Viewing | Yes | No | |
L-Platform templates | Creation | No | No |
Copying | No | No | |
Modification/Deletion/Display Modification | No | No | |
Viewing | Yes | No |
*1: Usage changes are only possible when L-Server attributes have been configured in advance.
*2: Users whose access scopes are not restricted should perform resource registration.
*3: The power operations are also available from BladeViewer.
Resource Types | Operations | Administrator | Operator | Monitor |
|---|---|---|---|---|
Application Process | Approval (*1) | Yes | No | No |
Evaluation | Yes | No | No | |
L-Server/L-Platform | Creation | Yes | No | No |
Modification/Movement/Deletion | Yes | No | No | |
Power operation (Usage change) (*2) | Yes | Yes | No | |
Console Screen Acquisition | Yes | Yes | No | |
Snapshot/Backup | Yes | Yes | No | |
Image Collection | Yes | Yes | No | |
Monitoring | Yes | Yes | Yes | |
Maintenance of L-Servers | Migration | Yes | No | No |
Conversion/Reversion | Yes | No | No | |
Modification to an L-Server for the infrastructure administrator | No | No | No | |
L-Server Templates | Import/Modification/Deletion | Yes | No | No |
Export | Yes | Yes | No | |
Viewing | Yes | Yes | Yes | |
L-Platform Templates | Create new templates | Yes | No | No |
Copying/Modification/Deletion | Yes | No | No | |
Viewing | Yes | Yes (*5) | Yes (*5) | |
L-Server for infrastructure administrator | Creation/Modification/Movement/Deletion | Yes | No | No |
Power operation (Usage change) | Yes | Yes | No | |
Console Screen Acquisition | Yes | Yes | No | |
Snapshot/Backup | Yes | Yes | No | |
Image Collection | Yes | Yes | No | |
Monitoring | Yes | Yes | Yes | |
Maintenance of the L-Server for the infrastructure administrator | Migration | Yes | No | No |
Modification of L-Servers | No | No | No | |
Resource Pool | Creation/Modification/Movement/Deletion | Yes | No | No |
Resource registration/deletion (*3) | Yes | No | No | |
Migration of resources between resource pools | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
Physical Server | Registration/Deletion | Yes | No | No |
Power Operations (*4) | Yes | Yes | No | |
Console Screen Acquisition | Yes | Yes | No | |
Maintenance Mode Settings | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
VM Hosts | Registration/Deletion | Yes | No | No |
Power Operations | Yes | Yes | No | |
Maintenance Mode Settings | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
Storage Management Software | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Disks | Registration/Deletion (*3) | Yes | No | No |
Modification | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
Network | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Address | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Image | Modification | Yes | No | No |
Deletion | Yes | No | No | |
Monitoring | Yes | Yes | Yes | |
Chassis | Creation/Modification/Deletion | Yes | No | No |
Power Operations | Yes | Yes | No | |
Monitoring | Yes | Yes | Yes | |
Power Monitoring Device | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Network Devices | Creation/Modification/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Network Configuration Information | Import | Yes | No | No |
Export | Yes | No | No | |
Server NIC Definitions | Reflect/Display | Yes | No | No |
Pre-configuration | Download | Yes | No | No |
Tenant Folders | Creation/Modification/Movement/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
Resource Folders | Creation/Modification/Movement/Deletion | Yes | No | No |
Monitoring | Yes | Yes | Yes | |
L-Server batch power operations under resource folders | Yes | Yes | No | |
Users | Modification of individual information | Yes | Yes | Yes |
Addition/Modification/Deletion of users in the user group the user belongs to | Yes | No | No | |
Addition/Modification/Deletion of users in other user groups | Yes | No | No | |
Viewing | Yes | Yes | Yes | |
User registration on the manager during directory service authentication | Yes | No | No | |
Release of user registration during directory service authentication | Yes | No | No | |
User Groups | Creation/Modification/Deletion | Yes | No | No |
Viewing | Yes | Yes | Yes | |
L-Platform Templates | Creation | Yes | No | No |
Copying | Yes | No | No | |
Modification/Deletion | Yes | No | No | |
Viewing | Yes | Yes (*5) | Yes (*5) | |
L-Platform Template | Creation | Yes | No | No |
Copying | Yes | No | No | |
Modification/Deletion/Display Modification | Yes | No | No | |
Viewing | Yes | Yes (*5) | Yes (*5) | |
L-Platform Template | Creation | Yes | No | No |
Modification/Deletion | Yes | No | No | |
Viewing | Yes | Yes (*5) | Yes (*5) | |
L-Platform Template | Creation | Yes | No | No |
Copying | Yes | No | No | |
Modification/Deletion/Display Modification | Yes | No | No | |
Viewing | Yes | Yes (*5) | Yes (*5) |
*1: Dual-role administrators approve L-Platform applications submitted by dual-role administrators.
*2: Usage changes are only possible when L-Server attributes have been configured in advance.
*3: Users whose access scopes are not restricted should perform resource registration.
*4: The power operations are also available from BladeViewer.
*5: Information about L-Platform templates can only be obtained using the L-Platform API.
Note
When an access scope of operation for a user or user group is limited, other users and user groups cannot perform operations from trees other than the orchestration tree. Operate resources registered in a resource pool, by selecting the resource in the resource pool after selection from the orchestration tree. To operate resources which are not registered in resource pool or resources which are unable to be registered, use a user with full operation access scope.
For details on how to configure access scopes, refer to "1.6 User Operations" in the "Reference Guide (Resource Management) CE".
