Skip to main content
NetApp Knowledge Base

How to configure RBAC for Virtual Storage Console

Last Updated:

Applies to

  • FlexPod
  • Virtual Storage Console (VMware)


This article describes the procedure that should be followed to configure RBAC for VSC.

Virtual Storage Console (VSC) for VMware vSphere supports both vCenter role-based access-control (RBAC) and Data ONTAP RBAC.

To enable users to work with VSC, they must have the proper privileges to both vCenter and to the storage controllers. Users can use a system administrator login to access VSC or utilize accounts with RBAC roles. To simplify RBAC, the following options are available for vCenter and Data ONTAP:

  • Pre-configured VSC-specific roles:
    These roles are added to vCenter when VSC is installed. These roles contain both the VSC privileges and the vCenter Server privileges that you need to perform certain tasks such as provisioning new datastores or backing up virtual machines.
    Note: Default RBAC roles are only included in VSC 4.2 and later
  • RBAC User Creator for Data ONTAP:
    The RBAC User Creator tool provides a simple GUI that allows roles to be configured quickly on storage systems. This tool and detailed screenshots on how to use it are posted on the Netapp Community Forum. You can download the RBAC User Creator tool from the ToolChest.  The latest privilege file (named ontapPrivs.xml) can be found as an attachment on this KB.  Simply replace the default ontapPrivs.xml file in the installation directory with the new one.


Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device