cDOT 8.3 on FAS8020
Is there a way to grant a cDOT local user to create/delete snapshots only to a specific set of volumes? I know I can create a custom role to allow only snapshot creations/deletions but is there a way to further restrict to only a set of volumes?
You can try below steps,
security login role create snapRole -cmddirname "volume snapshot" -access all -vserver <vservername>security login role modify -role snapRole -cmddirname DEFAULT -vserver <vservername> -access nonesecurity login create -user-or-group-name snapUser -application ontapi -authmethod password -role snapRole -vserver <vservername>
You can use queries with the role create/modify command to do this. For example,
cluster::> security login role create -role testrole -vserver <vservername> -access all -cmddirname "volume snapshot" -query "-volume *abc*|nfs*"
this command will create a role that lets the user access snapshots only for volumes with names starting with "nfs" or volumes with the pattern "abc" somewhere in thier names.
Hope you understood.
Hi George , thanks for the answer. I really appreciate the materials and people out there at NetApp who help customers like us to make our life easy.
Thanks a ton, cheers
NetApp Wins One Silver and One Bronze Stevie® Award in 2022 Stevie Awards for Sales and Customer Service
Live Chat, Watch Parties, and More!
Engage digitally throughout the sales process, from product discovery to conﬁguration, and handle all your post-purchase needs.