Workflow for user management and access control

REST API Reference Guide for Virtual Storage Platform 5000, Virtual Storage Platform E Series, and Virtual Storage Platform G/F Series

Version
93-07-0x
90-09-0x
88-08-10
Audience
anonymous
Part Number
MK-98RD9014-17
This section describes the workflow for creating users who will perform operations on storage systems and for setting access permissions for the resources necessary for those operations.

When using the REST API to create a user, specify a user group to which the user will belong. Assign, in advance, resource groups and roles to the user group based on the types of resources on which the users in that user group can operate and the operation permissions of users in that user group.

The following figure shows the workflow for specifying user and access control settings. If you are using the meta_resource group or built-in user group, you do not need to configure the resource group or the user group.

Set resource groups

Create a resource group, and then add resources such as parity groups, LDEVs, and ports. Group resources by business or organization into units for controlling access.

Set user groups

Create a user group. Assign resource groups and roles based on the types of resources on which the users in that user group can operate and the operation permissions of users in that user group.

Set users

Create a user. Specify the user group to which the user will belong, and then add the user to that user group. The user then can use the resources in the resource groups assigned to the user group according to the assigned roles.