VAST Cluster provides you with a granular system for controlling VAST Management System (VMS) permissions. It works like this:
Administrative users who can access the VMS clients (VAST Web UI, VAST CLI, and VAST API) are referred to as managers.
Managers can belong to security groups called roles.
You can assign permissions to managers and to roles.
Managers inherit permissions from any roles they belong to. Example: The manager admin has permission to create analytics reports because the administrators role has permission to create analytics reports and admin belongs to administrators.
The management functionality is separated into realms. Realms are specific sets of managed objects and functions. You can allow a manager to access some realms without allowing the same manager to access other realms. The following realms are defined:
Events. Includes alarms, events, and event definition management, managed via the Alarms and Events page.
Hardware. Includes hardware component management, including all field replacement functionality, via the Maintenance and Hardware pages.
Logical. Includes configuration of object and file storage, such as NFS exports, quotas and VIP pools, via the Configuration page.
Monitoring. Includes monitoring VAST Cluster with analytics reports, via the Analytics page.
Security. Includes management of managers, roles, and client users of storage on VAST Cluster, via the Security page.
Settings. Includes miscellaneous settings managed via the Settings page.
Support. Includes support-related functionality, managed via the Support page.