Thursday, July 17, 2014

RBAC for Nimble vCenter Plugin

Hi Friends,

If you haven't had a chance to take a look at the Nimble plugin for vCenter, it's VERY cool!  It comes built into newer versions of Nimble OS and you just need to point it to your vCenter server to get some great storage features right inside vCenter.

Like what you ask?  Well, you can create, delete, edit, clone, resize or take snapshots of your datastores.

But what about RBAC?  Say I have a user that has administration access to vCenter, but I only want him to have read access to the storage.  Can that be done?  It sure can because Nimble works with your vCenter and your AD server.  Here's an example.  I've created a user called neil1 and I've given him admin access to vCenter, but I only want him to have read-only access to the storage plugin.

I've created a vCenter Role called Test.  In Test you can specify all of the normal vCenter permissions, but you also get a Nimble Storage, Inc. which provides the ability to give specific Nimble permissions to your users.  Here I've given the Test Role read-only access.

In the example below I've already created my neil1 user in AD and I'm assigning him to the Test Role in vCenter.

Next I'm going to log out of vCenter as Administrator and log back in as neil1.  If you compare this screenshot to the second screenshot you'll notice all of the storage tools are grayed out, allowing neil1 read-only access to the Nimble.  Pretty cool huh?

Until Next Time!

No comments:

Post a Comment