Role Create

From OSNEXUS Online Documentation Site
Jump to: navigation, search
Create custom roles which define User Permissions.
Authorization is controlled by each user's assigned Role. Roles must be created or modified to limit user access to operations.

In QuantaStor, the "Create Role" feature allows administrators to define custom roles with specific access privileges and permissions within the storage management software. Roles provide a way to group together common sets of permissions and assign them to users or user groups, simplifying access control and ensuring consistent access rights across the system.

Roles are represented as a collection of operations on object types at a specific scoping level. The scope limits how the operation can be used. For example, at the scope of 'system' then the permission assignment applies to all objects of that type in the system. For example, if you have 'Storage Volume' + 'Delete' as the operation and the scope is 'System' then you can delete any storage volume in the system or grid. But, if the scope is reduced to 'group/cloud' then you can only delete the storage volumes in your assigned storage cloud. To further restrict the role you can assign just the 'user' level scope which only allows the use to execute the given operation on resources of that type that they own / have created. Going back to the example of deleting a storage volume, you would want the scope to be 'user' if you only want users with the role to be able to delete their own storage volumes and not those of other users.

The purpose of the Create Role feature in QuantaStor includes:

  • Access Control: Roles enable administrators to define fine-grained access control policies by specifying the permissions and privileges associated with each role. By creating roles, administrators can grant or restrict access to various resources within the QuantaStor storage system, such as storage volumes, shares, file systems, or management functions.
  • Role-Based Access Control (RBAC): QuantaStor supports RBAC, where access privileges are assigned based on user roles. The Create Role feature allows administrators to define custom roles tailored to specific job functions or responsibilities within the organization. Each role can have its own set of permissions and restrictions, allowing administrators to implement a structured access control framework.
  • Simplified User Management: By assigning users or user groups to roles, administrators can streamline user management. Instead of individually configuring permissions for each user, roles provide a convenient way to assign access privileges in a more centralized and consistent manner. This simplifies user provisioning, access control, and maintenance tasks.
  • Security and Compliance: Creating roles helps enforce security and compliance requirements within the QuantaStor system. By defining roles with specific permissions, administrators can ensure that users have appropriate access rights and prevent unauthorized actions. Roles also support auditing and compliance efforts by providing a clear mapping of access privileges to user responsibilities.
  • Scalability and Efficiency: Roles improve scalability and efficiency in managing access control settings. Instead of configuring access permissions for individual users, administrators can assign roles to users or user groups. This simplifies the process of granting or revoking access privileges, making it easier to manage large numbers of users or changing access requirements.
  • Customization and Flexibility: The Create Role feature allows administrators to tailor access privileges according to the unique needs of their organization. By defining custom roles, administrators can align the permissions with specific job functions or operational requirements. This customization provides flexibility in adapting the access control framework to the organization's specific workflows and security policies.

Overall, the purpose of the Create Role feature in QuantaStor is to provide administrators with a flexible and customizable way to define access privileges and permissions within the storage management software. Roles help enforce access control, simplify user management, support RBAC, enhance security and compliance, improve scalability and efficiency, and enable customization based on the organization's requirements.


Navigation: Security --> Management Roles --> Role --> Create (toolbar)









Return to the QuantaStor Web Admin Guide