Required user roles for monitoring resources

When you add storage systems, switches, and hypervisors for monitoring, you must provide a user name and password for logging in to those resources. The role or user group that is assigned to the user name determines the data collection and storage functions that you can use.

The following roles are associated with the user names that IBM Spectrum Control uses to log in to resources. Specify user names when you add a resource for monitoring. These roles are different from IBM Spectrum Control roles, which are assigned to users that log in to IBM Spectrum Control. For more information about IBM Spectrum Control roles, see ../configuring/tpch_r_user_roles.html.

Any roles that are not listed, but include the privileges of the roles that are listed, can also be used for monitoring resources.

Table 1. Required roles for storage system, switch, and hypervisor users
Resource Required role for performance monitors Required role for probes Required role for provisioning, optimizing, and transforming

DS8000

Monitor role or higher

Monitor role or higher

Administrator, Physical operator, or Logical operator

SAN Volume Controller

For versions earlier than 8.3.1.2, Administrator, or SecurityAdmin. For 8.3.1.2 or later, any role but some limitations might apply. Learn more

Monitor role or higher

Administrator

Storwize V3500

Storwize V3700

Storwize V5000

Storwize V7000

For versions earlier than 8.3.1.2, Administrator, or SecurityAdmin. For 8.3.1.2 or later, any role but some limitations might apply. Learn more

Monitor role or higher

Administrator

Storwize V7000 Unified

(block storage)

Administrator

Monitor role or higher

Administrator

IBM Storage FlashSystem 5000

IBM Storage FlashSystem 5100

IBM Storage FlashSystem 7200

IBM Storage FlashSystem 9100

IBM Storage FlashSystem 9200

IBM Storage FlashSystem V9000

For versions earlier than 8.3.1.2, Administrator, or SecurityAdmin. For 8.3.1.2 or later, any role but some limitations might apply. Learn more

Monitor role or higher

Administrator

IBM Storage Virtualize for Public Cloud

For versions earlier than 8.3.1.2, Administrator, or SecurityAdmin. For 8.3.1.2 or later, any role but some limitations might apply. Learn more

Monitor role or higher

Administrator

Storwize V7000 Unified (file storage)

Performance monitoring is not available

Monitor

Administrator, or Export Administrator + Storage Administrator.

XIV

Monitor role or higher

Any role

Storage administrator

IBM Storage Accelerate

IBM FlashSystem A9000

IBM FlashSystem A9000R

Monitor role or higher

Any role

Not available

IBM FlashSystem 900

Monitor role or higher

Monitor role or higher

Not available

IBM Storage Scale (file storage)

Any role

Root or non-root*

Not available

IBM Storage Scale (object storage)

Performance monitoring is not available

The Keystone admin role.

Information is collected only for the object storage accounts and containers that the user has access to. If you want to monitor all accounts and containers, the user must also be assigned the role that is defined in the reseller_admin_role configuration option in the Swift proxy server. The default value for the reseller_admin_role option is ResellerAdmin.

Not available

IBM Cloud Object Storage

Performance monitoring is not available

Operator, System Administrator, or Super User role

Not available

Dell EMC storage systems

Operator role or higher

Operator role or higher

Not available

Hitachi storage systems

In Hitachi Device Manager: The user for the Export Tool must have the Storage Administrator (Performance Management) role

In Hitachi Command Suite: ViewGroup or higher and AdminGroup permission.

Provisioning is not available

NetApp storage systems

Since the Operator role is no longer available for NetApp 9 storage devices, assign the readonly role and grant ssh permission to the user account.

Since the Operator role is no longer available for NetApp 9 storage devices, assign the readonly role and grant ssh permission to the user account.

Not available

Pure storage systems

Role with read-only permission or higher

Role with read-only permission or higher

Not available

Cisco switches

Network-admin

Network-admin

Not applicable

Brocade switches with Fabric OS 8.2.1 or later

User or admin role that has the chassis-role permission

User or admin role that has the chassis-role permission

Not applicable

Brocade switches with a Fabric OS version earlier than 8.2.1

Administrator user in Brocade Network Advisor (BNA)

Administrator user in BNA

Not applicable

Hypervisors (such as ESX, ESXi, and vCenter Servers)

Performance monitoring is not available

A role that has permission to browse through data stores. For example: Administrator role or Virtual Machine Power® User role. For more information about roles and permission to browse data stores, see Checking permissions to browse data stores.

Any role

Rollup servers

Performance monitoring is not available

Administrator

Not available

Note: * You can add IBM Storage Scale and GSS systems as a non-root user, but that user must have privileges to run a set of specified administration commands using the sudo command on the cluster node. For more information, see Monitoring IBM Storage Scale with non-root user privileges.