Required user roles for monitoring resources
When you add storage systems, switches, and hypervisors for monitoring, you must provide a user name and password for logging in to those resources. The role or user group that is assigned to the user name determines the data collection and storage functions that you can use.
The following roles are associated with the user names that IBM Spectrum Control uses to log in to resources. Specify user names when you add a resource for monitoring. These roles are different from IBM Spectrum Control roles, which are assigned to users that log in to IBM Spectrum Control. For more information about IBM Spectrum Control roles, see ../configuring/tpch_r_user_roles.html.
Any roles that are not listed, but include the privileges of the roles that are listed, can also be used for monitoring resources.
Resource | Required role for performance monitors | Required role for probes | Required role for provisioning, optimizing, and transforming |
---|---|---|---|
DS8000 |
Monitor role or higher |
Monitor role or higher |
Administrator, Physical operator, or Logical operator |
SAN Volume Controller |
For versions earlier than 8.3.1.2, Administrator, or SecurityAdmin. For 8.3.1.2 or later, any role but some limitations might apply. Learn more |
Monitor role or higher |
Administrator |
Storwize V3500 Storwize V3700 Storwize V5000 Storwize V7000 |
For versions earlier than 8.3.1.2, Administrator, or SecurityAdmin. For 8.3.1.2 or later, any role but some limitations might apply. Learn more |
Monitor role or higher |
Administrator |
Storwize V7000 Unified (block storage) |
Administrator |
Monitor role or higher |
Administrator |
IBM Storage FlashSystem 5000 IBM Storage FlashSystem 5100 IBM Storage FlashSystem 7200 IBM Storage FlashSystem 9100 IBM Storage FlashSystem 9200 IBM Storage FlashSystem V9000 |
For versions earlier than 8.3.1.2, Administrator, or SecurityAdmin. For 8.3.1.2 or later, any role but some limitations might apply. Learn more |
Monitor role or higher |
Administrator |
IBM Storage Virtualize for Public Cloud |
For versions earlier than 8.3.1.2, Administrator, or SecurityAdmin. For 8.3.1.2 or later, any role but some limitations might apply. Learn more |
Monitor role or higher |
Administrator |
Storwize V7000 Unified (file storage) |
Performance monitoring is not available |
Monitor |
Administrator, or Export Administrator + Storage Administrator. |
XIV |
Monitor role or higher |
Any role |
Storage administrator |
IBM Storage Accelerate IBM FlashSystem A9000 IBM FlashSystem A9000R |
Monitor role or higher |
Any role |
Not available |
IBM FlashSystem 900 |
Monitor role or higher |
Monitor role or higher |
Not available |
IBM Storage Scale (file storage) |
Any role |
Root or non-root* |
Not available |
IBM Storage Scale (object storage) |
Performance monitoring is not available |
The Keystone admin role. Information is collected only for the object storage accounts and containers that the user has access to. If you want to monitor all accounts and containers, the user must also be assigned the role that is defined in the reseller_admin_role configuration option in the Swift proxy server. The default value for the reseller_admin_role option is ResellerAdmin. |
Not available |
IBM Cloud Object Storage |
Performance monitoring is not available |
Operator, System Administrator, or Super User role |
Not available |
Dell EMC storage systems |
Operator role or higher |
Operator role or higher |
Not available |
Hitachi storage systems |
In Hitachi Device Manager: The user for the Export Tool must have the Storage Administrator (Performance Management) role |
In Hitachi Command Suite: ViewGroup or higher and AdminGroup permission. |
Provisioning is not available |
NetApp storage systems |
Since the Operator role is no longer available for NetApp 9 storage devices, assign the readonly role and grant ssh permission to the user account. |
Since the Operator role is no longer available for NetApp 9 storage devices, assign the readonly role and grant ssh permission to the user account. |
Not available |
Pure storage systems |
Role with read-only permission or higher |
Role with read-only permission or higher |
Not available |
Cisco switches |
Network-admin |
Network-admin |
Not applicable |
Brocade switches with Fabric OS 8.2.1 or later |
User or admin role that has the chassis-role permission |
User or admin role that has the chassis-role permission |
Not applicable |
Brocade switches with a Fabric OS version earlier than 8.2.1 |
Administrator user in Brocade Network Advisor (BNA) |
Administrator user in BNA |
Not applicable |
Hypervisors (such as ESX, ESXi, and vCenter Servers) |
Performance monitoring is not available |
A role that has permission to browse through data stores. For example: Administrator role or Virtual Machine Power® User role. For more information about roles and permission to browse data stores, see Checking permissions to browse data stores. |
Any role |
Rollup servers |
Performance monitoring is not available |
Administrator |
Not available |
Note:
* You can add IBM
Storage Scale and GSS
systems as a non-root user, but that user must have privileges to run a set of specified
administration commands using the sudo command on the cluster node. For more information, see Monitoring IBM Storage Scale with non-root user privileges.
|