メインコンテンツまでスキップ

SVM レベルの VSC および SRA のすべてのコマンドをロールアップします

Views:
5
Visibility:
Public
Votes:
0
Category:
virtual-storage-console-for-vmware-vsphere
Specialty:
virt
Last Updated:

 

すべてのとおり  

に適用されます

VMware 

回答

SVM レベルの VSC および SRA に対するすべてのコマンドを集計します。

メモ: 重複が削除されました

security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "event generate-autosupport-log"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "job"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun comment"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup add"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup disable-aix-support"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup remove"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup rename"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup set"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun igroup unbind"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun mapping create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun mapping delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun mapping show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun move cancel"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun move modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun move pause"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun move recover-source"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun move resume"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun move show-by-job-info"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun move show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun move start"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun offline"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun online"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun persistent-reservation clear"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun portset add"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun portset create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun portset delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun portset remove"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun portset show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun resize"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun set dev_id"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun set reservation"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun set space-alloc"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "lun show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "network"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "security login role show-user-capability"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "set"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror abort"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror break"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror check"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror get-volume-status"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror initialize"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror list-destinations"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror policy add-rule"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror policy create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror policy delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror policy modify-rule"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror policy modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror policy remove-rule"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror policy show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror quiesce"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror release"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror release"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror restore"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror resume"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror resync"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror snapshot-owner create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror snapshot-owner delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror snapshot-owner show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror update-ls-set"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "snapmirror update"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume autosize"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume clone create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume clone show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume destroy"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume efficiency modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume efficiency off"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume efficiency on"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume efficiency show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume efficiency start"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume efficiency stat"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume efficiency stop"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume file clone autodelete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume file clone create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume file clone show-autodelete-list"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume file reservation"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume file show-disk-usage"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume file show-disk-usage"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume file show-filehandle"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume mount"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume offline"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume online"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume qtree create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume qtree show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume quota report"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume restrict"

security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume size"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume snapshot create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume snapshot delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume snapshot modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume snapshot show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "volume unmount"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver export-policy create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver export-policy delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver export-policy rule create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver export-policy rule delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver export-policy rule modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver export-policy rule setindex"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver export-policy rule show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver export-policy show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver fcp create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver fcp delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver fcp modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver fcp show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver iscsi create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver iscsi delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver iscsi interface accesslist add"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver iscsi modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver iscsi show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver iscsi start"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver nfs create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver nfs delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver nfs modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver nfs show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver nfs status"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver nfs status"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver peer show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group adduser"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group addusers"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group deluser"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group file show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group file status"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group file-only modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group file-only show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group load-from-uri"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-group show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-user create"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-user delete"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-user file show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-user file status"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-user file-only modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-user file-only show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-user load-from-uri"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-user modify"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver services name-service unix-user show"
security login role create -role <new_role_name> -vserver <vserver_name> -access all -cmddirname "vserver"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "job show-completed"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "lun geometry"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "lun igroup show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "lun mapping show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "lun persistent-reservation show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "lun show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "network interface"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "security login role"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "snapmirror list-destinations"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "version"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "volume efficiency show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "volume qtree show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "volume quota report"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "volume quota show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "volume show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "volume snapshot show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver export-policy rule show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver export-policy show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver fcp initiator show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver fcp interface show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver fcp show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver iscsi connection show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver iscsi interface show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver iscsi session show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver iscsi show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver nfs show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver nfs status"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver peer show"
security login role create -role <new_role_name> -vserver <vserver_name> -access readonly -cmddirname "vserver"

ontapuser-commands の作成:

:作成するユーザがクラスタレベルユーザか SVM レベルユーザかに関係なく、ユーザを作成するコマンドは同じです。ここでは、整合性と完全性を確保するために、両方を取り上げます

ONTAP クラスタ・ユーザを作成するためのコマンド:

security login create -user-or-group-name <new_user_name> -vserver <cluster_vserver_name> -application ontapi -authentication-method password -role <new_role_name>


:このテストクラスタでは、クラスタレベルの管理 vserver 「 cluster1 」とデータ vserver 「 vm1 」があることがわかります。
 
cluster1::> vserver show
                               Admin      Operational Root
Vserver    Type    Subtype    State      State       Volume     Aggregate
----------- ------- ---------- ---------- ----------- ---------- ----------
cluster1    admin   -          -          -           -          -
cluster1_1  node    -          -          -          -          -
svm1        data    default    running    running     svm1_root  aggr1_
                                                                

cluster1_1
3 entries were displayed.

 
この場合、クラスタレベルのロールとユーザを作成する場合、 Vserver 名はになり‘cluster1’、 SVM レベルのロールとユーザを作成する場合、 Vserver 名はになります‘svm1’.

ONTAP SVM ユーザを作成するためのコマンド:

security login create -user-or-group-name <new_user_name> -vserver <vserver_name> -application ontapi -authentication-method password -role <new_role_name>


:このテストクラスタでは、クラスタレベルの管理 vserver と‘cluster1’データ vserver があることがわかります ‘svm1’:
 
cluster1::> vserver show
                               Admin      Operational Root
Vserver    Type    Subtype    State      State       Volume     Aggregate
----------- ------- ---------- ---------- ----------- ---------- ----------
cluster1    admin   -          -          -           -          -
cluster1_1  node    -          -          -          -          -
svm1        data    default    running    running     svm1_root  aggr1_
 

cluster1_1                                
3 entries were displayed.
 
この場合、クラスタレベルのロールとユーザを作成する場合、 Vserver 名はになり‘cluster1’、 SVM レベルのロールとユーザを作成する場合、 Vserver 名はになります ‘svm1’.

ONTAP SVM ユーザを作成するためのコマンド:

security login create -user-or-group-name <new_user_name> -vserver <vserver_name> -application ontapi -authentication-method password -role <new_role_name>

追加情報

VSC 、 VASA 、 SRA 7.0 ONTAP RBAC の設定については、 KB VSC 、 VASA 、 SRA 7.0 ONTAP RBAC の設定を参照してください