Roles and permissions

System Administrator Guide for Virtual Storage Platform E Series

Part Number

The following table lists all of the available user roles and shows the permissions that each role provides to the users. Custom user roles are not supported.

Important: The Support Personnel group and the Support Personnel (Vendor Only) role contain permissions to perform maintenance on the storage system. Assign this role only to the accounts used by support personnel from vendors responsible for maintenance.
The roles for Hitachi Storage Advisor Embedded users are:
  • Storage Administrator (Initial Configuration)
  • Storage Administrator (System Resource Management)

    This role is not required when the DKCMAIN firmware version is 93-06-3x or earlier.

  • Storage Administrator (Provisioning)
  • Storage Administrator (Local Backup Management)
  • Storage Administrator (Remote Backup Management)
  • Security Administrator (View and Modify)
  • Maintenance (User)
Role Permissions
Security Administrator (View Only)
  • Viewing information about user accounts and encryption settings
  • Viewing information about the encryption key in the key SVP
  • Viewing information about the external authentication by the maintenance utility
  • Viewing information about the cloud connection settings
Security Administrator (View & Modify)
  • Configuring user accounts
  • Creating encryption keys and configuring encryption settings
  • Viewing and switching where encryption keys are generated
  • Backing up and restoring encryption keys
  • Deleting encryption keys backed up in the key SVP
  • Viewing and changing the password policy for backing up encryption keys on the management client
  • Connection to the external server
  • Backing up and restoring connection configuration to the external server
  • Configuring the certificate used for the SSL communication
  • Configuring the fibre channel authentication (FC-SP)
  • Configuring resource groups
  • Editing virtual management settings
  • Setting reserved attributes for global-active device
  • Configuring external authentication by the maintenance utility
  • Setting up and clearing the cloud connection settings
Audit Log Administrator (View Only)
  • Viewing audit log information and downloading audit logs
Audit Log Administrator (View & Modify)
  • Configuring audit log settings and downloading audit logs
Storage Administrator (View Only)
  • Viewing storage system information
Storage Administrator (Initial Configuration)
  • Configuring settings for storage systems
  • Configuring settings for SNMP
  • Configuring settings for e-mail notification
  • Configuring settings for license keys
  • Viewing, deleting, and downloading storage configuration reports
  • Acquiring all the information about the storage system and updating Device Manager - Storage Navigator window by clicking Refresh All
Storage Administrator (System Resource Management)
  • Configuring settings for CLPR
  • Configuring settings for MP unit
  • Deleting tasks and releasing exclusive locks of resources
  • Configuring LUN security
  • Configuring namespace security using CCI
  • Configuring Server Priority Manager
  • Configuring tiering policies
  • Remote copy operations in general
Storage Administrator (Provisioning)
  • Configuring caches
  • Creating parity groups
  • Configuring volumes, pools, and virtual volumes
  • Formatting and shredding volumes
  • Configuring external volumes
  • Configuring Dynamic Provisioning
  • Configuring host groups, paths, and WWN
  • Configuring NVM subsystems, namespaces, paths, and host NQNs using CCI
  • Configuring Volume Migration except splitting Volume Migration pairs when using CCI
  • Configuring access attributes for volumes
  • Configuring LUN security
  • Configuring namespace security using CCI
  • Creating and deleting quorum disk used with global-active device
  • Creating and deleting global-active device pairs
  • Editing virtual management settings
  • Setting reserved attributes for global-active device.
Storage Administrator (Performance Management)
  • Configuring monitoring
  • Starting and stopping monitoring
Storage Administrator (Local Copy)
  • Performing pair operations for local copy
  • Configuring environmental settings for local copy
  • Splitting Volume Migration pairs when using CCI
Storage Administrator (Remote Copy)
  • Remote copy operations in general
  • Performing operations on existing global-active device pairs (pair creation and pair deletion are not allowed)
Support Personnel (Vendor Only) Normally, this role is for service representatives.
  • Configuring the SVP
Support Personnel (User)
  • Viewing storage system status
  • Installing OS security patches
  • Updating operating systems
  • Performing basic maintenance