ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

ActiveIQ Unified Manager Least Privilege Account

TMADOCTHOMAS
‎2021-02-18 12:17 PM
2,466 Views

ActiveIQ Unified Manager documentation says the following about the local account used for discovery:

 

------------------------------------

This account must have the admin role with Application access set to ontapi, ssh, and http.

------------------------------------

 

My question: is this really accurate? I don't see why it requires the admin role since AIUM is just reading data to populate charts and tables. Anyone have insight here? We are trying to reduce service accounts to the least amount of permissions needed and I'm thinking this is a good candidate for reduction, but documentation says otherwise.

0 Kudos
View By:
3 REPLIES 3

Mjizzini
Community Manager
‎2021-02-23 12:15 AM
2,377 Views

This account must have the admin role with Application access set to ontapi, ssh, and http

 

Unable to add cluster to Active IQ Unified Mana

0 Kudos

TMADOCTHOMAS
‎2021-02-23 06:04 AM
In response to Mjizzini
2,361 Views

Okay thank you @Mjizzini. Are there any recommendations to securing this account since it has to have these rights?

0 Kudos

liu
a week ago
62 Views

It is convenient for you to obtain the health of the cluster, capacity performance, so that you can find and solve problems in time

What permissions are required to add a cluster to AIQUM? - NetApp Knowledge Base

0 Kudos
Announcements
All Community Forums
Public