Does anyone know if there is a document that specifies which permissions are required to run each of the PowerShell cmdlets? For example, a simple script to modify volume quotas and run reports requires the user to have access to the following commands:
>version (Runs after the Connect-NcController cmdlet)
>volume quota * (Required to query or modify quotas)
>jobs show (Required when running Start-NcQuotaResize)
Once I figured this out, things went as planned but it took a bit of troubleshooting to figure out the correct permissions. If this was documented somewhere it would make the scripting much easier.
I don't think they are centrally documented anywhere, but one thing that will help you is to examine the help for the cmdlets in question. Under the Notes section (usually), it will detail the apis that get used by the cmdlet. I think most if not all cmdlets map to an API on the back-end. Use the list of APIs used to determine which api-* permissions you need to assign to your roles.
For example, Get-NaVol uses these APIs according to the help:
Thanks for all the posts. The Get-NaHelp cmdlet that you mentioned will be extremely helpful. I'm trying to control access with custom roles so this will allow me to restrict access to only the API commands necessary.