beautypg.com

Managing security, Create security roles, Grant privileges – HP Matrix Operating Environment Software User Manual

Page 44: Create security roles grant privileges

background image

Managing security

The SPM storage catalog contains all the entities—every service template, storage service, array,
storage pool, volume, network, role, security group—the user adds to the catalog.

Create security roles

A set of default security roles is included with SPM that handle simple scenarios. This set can be
changed or extended as desired. The default roles include:

Storage architect — Sets policy

Storage administrator — Manages storage services and resource consumption

Storage operator — Monitors storage services and resource consumption

Consumer — Consumes storage services

NOTE:

In addition to these roles, the following roles are defined in order to facilitate use of SPM

with Matrix OE: Matrix Architect, Matrix Administrator, Matrix Service and Matrix User.

Role creation is handled in the Roles section of Administration.
1.

In the Navigation tree select Roles under Administration.

The Roles page appears in the content pane.

2.

Click Create Role on the bottom right.

The Create Role dialog box appears.

3.

Fill in the required information, noted by a red asterisk, on each tab of the dialog box
(Overview, Privileges, Users and Groups, Security).

4.

Click OK.

The new role appears in the Roles content pane.

To view, modify, or delete roles, see

Managing roles

.

Grant privileges

Privileges are granted to the roles contained within SPM. When creating a new role, these are
assigned on the Privileges tab. To view current privileges assigned to a role, select a role from the
list and click the Privileges tab.

A list of available privileges is provided in the following table.

Table 1 Privileges

Description

Privilege

Grants a role the ability to login

Login

Grants a role the ability to impersonate another user

Login On Behalf Of

Grants a role the ability to run advanced diagnostics

Run Diagnostic

Grants a role the ability to view reports associated with the overall usage of SPM

View Reports

Grants a role the ability to import resources

Import Resources

Grants a role the ability to assign privileges to other roles

Assign privileges

Grants a role the ability to skip internal recovery or exit manual recovery when SPM
is in recovery mode

Modify Recovery Mode

Force service deactivation with offline resources

Force Deactivation

44

Managing storage catalog entities

See also other documents in the category HP Software: