Active IQ Unified Manager read-only account privileges for ONTAP
Applies to
- Active IQ Unified Manager 9.x+ ( AIQUM )
- OnCommand Unified Manager 7.2+ ( OCUM )
- OnCommand Unified Manager 6.x ( OCUM )
Description
This article describes how to create a role in ONTAP with minimum permission and access as necessarily required by a local user account, which will be used by Unified Manager.
More about this article:
-
This is living breathing article, which means if we created a read-only (minimum permission) role in ONTAP following this article and still run into an issue then hopefully the same article will help you update the role with the missing/required APIs.
-
The article includes the different ontapi as part of the attach files that will help you create a local user account with minimum permissions.
- The article includes minimum ontapi commands that was tested in 8.3.2, 9.1 through 9.6.
- You must add/remove the cluster with admin privileges, when adding, once the poll is completed you can change to the readonly user created.