HP Virtual Connect Enterprise Manager 6.3 CLI Guide
RBAC Details
VCEM provides the following role based user types. Individual VCEMCLI commands require different
access permissions based on the resource involved and the read or write operation being called.
Access is determined based on the credentials used by VCEMCLI.
• VCEM Administrator—Manages all VCEM resources. All operations are permitted to all
resources.
• VCEM Domain Group Administrator—Manages VC Domains and server profiles in one or
more VC Domain Groups.
• VCEM Domain Group Limited Operator—Manages the same tasks as the VCEM Domain Group
Operator except for creating, editing, and deleting a server profile.
• VCEM Domain Group Operator—Manages server profiles in one or more VC Domain Groups.
• VCEM User (Read Only)—Has read-only access to all VCEM resources.
Table 2 lists command line options and the role-based user access privileges that can use the
commands.
Table 2 RBAC privileges
VCEM User
(read only)
VCEM
Group
Limited
Operator
VCEM
Group
Operator
VCEM
Group
Administrator
VCEM
AdministratorCommand line options
xxx-add profile
xxx-set profile
xxxx-assign profile
xxxx-unassign profile
xxx-add enet-connection
xxx-set enet-connection
xxx-remove enet-connection
xxx-add fc-connection
xxx-set fc-connection
xxx-remove fc-connection
xxx-add fcoe-connection
xxx-set fcoe-connection
xxx-remove fcoe-connection
xxx-add iscsi-connection
xxx-set iscsi-connection
xxx-remove iscsi-connection
xxx-add server-port-map
xxx-set server-port-map
xxx-remove server-port-map
xxxx-poweroff enclosurename
xxxx-poweron enclosurename
xxxxx-show power-status
Role based Access Control (RBAC) 11