What are the minimum Permissions needed for Trident Admin Users when using a SolidFire Backend?
Applies to
- Trident
- SolidFire
Answer
The minimum permissions required for the Trident Administrator User for SolidFire Backends are Accounts and Volumes.
- Volume access is needed to create the volume.
- Account permissions are needed to read/set the CHAP credentials for the user account.
Example of Permissions for a Trident Admin within the Element UI under Users > Cluster Admins
Optional privileges are Reporting and Cluster Admin.
- Cluster Admin is needed if you want trident to be able create the account for you if it doesn’t exist.
- Reporting is more restrictive than Read access, but still allows API commands related to gathering cluster statistics. This does allow access to a handful of read-only commands that are otherwise only available to ClusterAdmins
Additional Information
Related Articles:
How to update a SolidFire Backend to use a new Tenant account
How does Trident handle CHAP Secrets when conneting to a SolidFire array