Add Role
Overview
This function combines several user policies and creates a user-specific role (custom role).
Up to 20 roles can be created per storage system.
Policy
The 16 types of access privileges shown below are available.
| Policies | Description |
|---|---|
Status Display |
Status display functions (storage system status, RAID group list, volume list, copy session list, etc.) |
RAID Group Management |
RAID group, Thin Provisioning Pool, Eco-mode, hot spare disk setting functions, etc. |
Volume - Create / Modify |
Volume setting functions (register/modify/expand), etc. |
Volume - Delete / Format |
Volume setting functions (delete/format), etc. |
Host Interface Management |
Host interface management functions (host group settings, port group settings, LUN group settings, host affinity settings), etc. |
NAS Management (*1) |
NAS setting functions (create NAS interface, create NAS shared folders), etc. |
Advanced Copy Management |
Local Advanced Copy setting functions, Remote Advanced Copy setting functions, etc. |
Copy Session Management |
Advanced Copy session management functions (start/stop/delete), etc. |
Storage Migration Management |
Storage Migration setting functions (start/suspend/stop/restart/delete path), etc. |
Storage Management |
Configuration setting functions of the storage system (date and time, network, remote support), etc. |
User Management |
User account setting functions (create/change/delete), etc. |
Authentication / Role |
External authentication and role setting functions (create/change/delete), etc. |
Security Setting |
Security setting functions of drives, etc. |
Maintenance Information |
Exporting and deleting functions of maintenance information (performance information, configuration information, events, storage system logs, panic dumps), etc. |
Firmware Management |
Firmware management functions (for users without the "Maintenance Operation" policy who need to set the controller firmware) |
Maintenance Operation |
Maintenance operation/preventive maintenance operation of hardware and firmware |
| *1 | : | This policy is displayed in a Unified Storage environment. |
A role without any policies cannot be created.
The storage system has Default Roles.
Multiple policies can be allocated to one role.
A role that is created can be allocated to a user account by using the [Setup User Account] function.
User Privileges
Availability of Executions in the Default Role
| Default role | Availability of executions |
|---|---|
| Monitor | |
| Admin | |
| StorageAdmin | |
| AccountAdmin | |
| SecurityAdmin | |
| Maintainer |
Refer to "User Roles and Policies" for details on the policies and roles.
Settings
In this screen, create the role and select its policies.
Role Setting
| Item | Description | Setting values |
|---|---|---|
Name |
Input a role name. (Required) The role name, which has previously been used (including the default role name), cannot be used. |
Up to 16 alphanumeric characters and symbols (except "," (comma) and "?") |
Target Policy
Policies
Select the checkbox of the policies that are to be allocated to the created role.
Status Display
RAID Group Management
Volume - Create / Modify
Volume - Delete / Format
Host Interface Management
NAS Management
Advanced Copy Management
Copy Session Management
Storage Migration Management
Storage Management
User Management
Authentication / Role
Security Setting
Maintenance Information
Firmware Management
Maintenance Operation
Default Roles
The policies for the default role is as follows:
| Policies | Default role | ||||||
|---|---|---|---|---|---|---|---|
| Monitor | Admin | StorageAdmin | AccountAdmin | SecurityAdmin | Maintainer | Software (*1) |
|
Status Display |
|||||||
RAID Group Management |
|||||||
Volume - Create / Modify |
|||||||
Volume - Delete / Format |
|||||||
Host Interface Management |
|||||||
NAS Management |
|||||||
Advanced Copy Management |
|||||||
Copy Session Management |
|||||||
Storage Migration Management |
|||||||
Storage Management |
|||||||
User Management |
|||||||
Authentication / Role |
|||||||
Security Setting |
|||||||
Maintenance Information |
|||||||
Firmware Management |
|||||||
Maintenance Operation |
|||||||
| *1 | : | "Software" is the role that is used for external software. A user account with the "Software" role cannot log in to Web GUI. |
Operating Procedures
Click [Add Role] in [Action].
Input the role name, select the policies for the role, and click the [Create] button.
→ A confirmation screen appears.
Caution- An error screen appears in the following conditions:
The "Name" does not satisfy the input conditions
The "Name" has already been used
- An error screen appears in the following conditions:
Click the [OK] button.
→ Addition of the user role starts.
Click the [Done] button to return to the [Define Role] screen.