I was unable to find any information on role creation on NetApp Data Ontap 8.1/8.2 cluster-mode filers.
Please let me know different ways of role creation with appropriate access rights.
Can these users/roles created be used in Data Ontap API calls?
You can use the API - security-login-role-create
Possible access level settings are none, read-only, and all. The default setting is all.
Ruby code for this would look like:
request = NaElement.new("security-login-role-create")
request.child_add_string("access-level", new_resource.access_level) if new_resource.access_level
request.child_add_string("return-record", new_resource.return_record) if new_resource.return_record
request.child_add_string("role-query", new_resource.role_query) if new_resource.role_query
result = invoke_elem(request)
Security login roles are covered in the product documentation:
https://library.netapp.com/ecm/ecm_download_file/ECMP1368701 - page 142
When you create users and apply roles, you can specify which application the user has access to.
Valid applications include:
::*> security login create -application
console http ontapi rsh
service-processor snmp ssh telnet
For API use, you'd probably only need ontapi and maybe http users.
You can create users/roles via CLI or via the APIs that Mukta pointed out.
Roles and user creation are under the "security login" command directory:
::*> security login
create delete domain-tunnel lock modify
password publickey role show unlock