Contents
- Cisco UCS XML Object-Access Privileges
- Privileges Summary Table
- Privileges
- aaa
- admin
- ext-lan-config
- ext-lan-policy
- ext-lan-qos
- ext-lan-security
- ext-san-config
- ext-san-policy
- ext-san-qos
- ext-san-security
- fault
- ls-config
- ls-config-policy
- ls-ext-access
- ls-network
- ls-network-policy
- ls-power
- ls-qos
- ls-qos-policy
- ls-security
- ls-security-policy
- ls-server
- ls-server-oper
- ls-server-policy
- ls-storage
- ls-storage-policy
- operations
- pn-equipment
- pn-maintenance
- pn-policy
- pn-security
- pod-config
- pod-policy
- pod-qos
- pod-security
- power-mgmt
- read-only
Cisco UCS XML Object-Access Privileges
This chapter includes the following sections:
Privileges Summary Table
When users are assigned to a role, that role allows certain privileges. Those privileges allow the user access to specific system resources and authorize permission to perform tasks on those resources. The following table lists each privilege and the initial default user role that has been given that privilege.
Internal Name |
Label |
Description |
Default Role Assignment |
---|---|---|---|
AAA |
System security and AAA |
AAA Administrator |
|
ADMIN |
Access to everything (combines all roles) |
Administrator |
|
EXT_LAN_CONFIG |
Configuration of network end points, UCDs, etc. |
Network Administrator |
|
EXT_LAN_POLICY |
External network policies |
Network Administrator |
|
EXT_LAN_QOS |
External LAN QoS |
Network Administrator |
|
EXT_LAN_SECURITY |
External LAN security |
Network Administrator |
|
EXT_SAN_CONFIG |
Configuration of network end points, UCDs, etc. |
Storage Administrator |
|
EXT_SAN_POLICY |
External SAN policy |
Storage Administrator |
|
EXT_SAN_QOS |
External SAN QoS |
Storage Administrator |
|
EXT_SAN_SECURITY |
External SAN security (VACLs, etc.) |
Storage Administrator |
|
FAULT |
Alarms, alarm policies, etc. |
Operations |
|
LS_CONFIG |
Service profile configuration |
Server Profile Administrator |
|
LS_CONFIG_POLICY |
Service profile configuration policy |
Server Profile Administrator |
|
LS_EXT_ACCESS |
Service profile end point access |
Server Profile Administrator |
|
LS_NETWORK |
Service profile network |
Network Administrator |
|
LS_NETWORK_POLICY |
Setting up MAC pools, etc. |
Network Administrator |
|
LS_POWER |
LS power management |
Facility Manager |
|
LS_QOS |
Service profile QoS |
Network Administrator |
|
LS_QOS_POLICY |
Setting up ls-level QoS |
Network Administrator |
|
LS_SECURITY |
Service profile security |
Server Security Administrator |
|
LS_SECURITY_POLICY |
Setting up security policies |
Server Security Administrator |
|
LS_SERVER |
Service profile server management |
Server Security Administrator |
|
LS_SEVER_OPER |
Server profile consumer role |
Server Profile Administrator |
|
LS_SERVER_POLICY |
Service profile pool policy |
Server Security Administrator |
|
LS_STORAGE |
Service profile storage |
Storage Administrator |
|
LS_STORAGE_POLICY |
Service profile storage policy |
Storage Administrator |
|
OPERATIONS |
Logs, call home functionality, etc. |
Operations |
|
PN_EQUIPMENT |
Server hardware management |
Server Equipment Administrator |
|
PN_MAINTENANCE |
Server maintenance (update BIOS, etc.) |
Server Equipment Administrator |
|
PN_POLICY |
Physical server policies |
Server Equipment Administrator |
|
PN_SECURITY |
Physical node security |
Server Equipment Administrator |
|
POD_CONFIG |
Pod configuration |
Network Administrator |
|
POD_POLICY |
Pod policies |
Network Administrator |
|
POD_QOS |
Internal pod-QoS (if needed) |
Network Administrator |
|
POD_SECURITY |
Pod security |
Network Administrator |
|
POWER_MGMT |
Data center power management |
Facility Manager |
|
READ_ONLY |
Read-only access |
Available to all roles |
Privileges
aaa
Purpose
System security and AAA.
This privilege has read and write access to all users, roles, AAA, and communication services configuration. Read access is available for all other objects.
Responsible Role
AAA Administrator
Controlled Objects
aaa:AuthRealm, aaa:EpAuthProfile, aaa:EpUser, aaa:ExtMgmtCutThruTkn, aaa:LdapEp, aaa:LdapProvider, aaa:Locale, aaa:Log, aaa:Org, aaa:RadiusEp, aaa:RadiusProvider, aaa:RemoteUser, aaa:Role, aaa:Session, aaa:SshAuth, aaa:TacacsPlusEp, aaa:TacacsPlusProvider, aaa:User, aaa:UserEp, aaa:UserLocale, aaa:UserRole, comm:Cimxml, comm:Dns, comm:DnsProvider, comm:EvtChannel, comm:Http, comm:Https, comm:SmashCLP, comm:Snmp, comm:SnmpTrap, comm:SnmpUser, comm:Ssh, comm:SvcEp, comm:Telnet, comm:WebChannel, comm:Wsman, comm:XmlClConnPolicy, comm:XmlClConnPolicy, pki:CertReq, pki:KeyRing, pki:TP
admin
Purpose
System administration
Responsible Role
Administrator
Controlled Objects
This role is system level. The administrator controls all objects.
ext-lan-config
Purpose
External LAN configuration
Responsible Role
Network Administrator
Controlled Objects
adaptor:ExtIf, adaptor:ExtEthIf, adaptor:HostIf, adaptor:HostEthIf, adaptor:HostFcIf, comm:DateTime, comm:Dns, comm:DnsProvider, comm:NtpProvider, fabric:EthLan, fabric:EthLanEp, fabric:EthLanPc, fabric:EthLanPcEp, fabric:LanCloud, fabric:LanPinGroup, fabric:LanPinTarget, fabric:Vlan, macpool:Format, network:Element, top:System, vnic:FcOEIf, vnic:LanConnTempl
ext-lan-policy
Purpose
External LAN policy
Responsible Role
Network Administrator
Controlled Objects
adaptor:ExtIf, adaptor:ExtEthIf, adaptor:HostIf, adaptor:HostEthIf, adaptor:HostFcIf, fabric:EthLan, fabric:EthLanEp, fabric:EthLanPc, fabric:EthLanPcEp, fabric:LanCloud, fabric:LanPinGroup, fabric:LanPinTarget, fabric:VCon, fabric:VConProfile, fabric:Vlan, macpool:Format, vnic:FcOEIf, vnic:LanConnTempl
ext-lan-qos
Purpose
External LAN QoS
Responsible Role
Network Administrator
Controlled Objects
qosclass:Definition, qosclass:EthBE, qosclass:EthClassified, qosclass:Fc
ext-lan-security
Purpose
External LAN security
Responsible Role
Network Administrator
Controlled Objects
comm:DateTime, comm:NtpProvider
ext-san-config
Purpose
External SAN configuration
Responsible Role
Storage Administrator
Controlled Objects
fabric:FcSan, fabric:FcSanEp, fabric:FcSanPc, fabric:FcSanPcEp, fabric:FcVsanPortEp, fabric:SanPinGroup, fabric:SanPinTarget, fabric:Vsan, fcpool:Format, vnic:FcOEIf
ext-san-policy
Purpose
External SAN policy
Responsible Role
Storage Administrator
Controlled Objects
fabric:FcSan, fabric:FcSanEp, fabric:FcSanPc, fabric:FcSanPcEp, fabric:FcVsanPortEp, fabric:SanPinGroup, fabric:SanPinTarget, fabric:Vsan, fcpool:Format, vnic:FcOEIf
ext-san-qos
Purpose
External SAN QoS
Responsible Role
Storage Administrator
Controlled Objects
qosclass:Definition, qosclass:EthBE, qosclass:EthClassified, qosclass:Fc
ext-san-security
Purpose
External SAN security
Responsible Role
Storage Administrator
Controlled Objects
There are no objects assigned to this privilege.
fault
Purpose
Alarms and alarm policies
Responsible Role
Operations
Controlled Objects
callhome:Policy, event:EpCtrl, event:Log, fault:Holder, fault:Inst, fault:Policy
ls-config
Purpose
Service profile configuration
Responsible Role
Server Profile Administrator
Controlled Objects
bios:VFeat, bios:VfConsoleRedirection, bios:VfEnhancedIntelSpeedStepTech, bios:VfFrontPanelLockout, bios:VfIntelHyperThreadingTech, bios:VfIntelTurboBoostTech, bios:VfIntelVTForDirectedIO, bios:VfIntelVirtualizationTechnology, bios:VfLvDIMMSupport, bios:VfMirroringMode, bios:VfNUMAOptimized, bios:VfProcessorC3Report, bios:VfProcessorC6Report, bios:VfQuietBoot, bios:VfResumeOnACPowerLoss, bios:VfSelectMemoryRASConfiguration, bios:VProfile, extvmm:Ep, extvmm:KeyRing, extvmm:KeyStore, extvmm:MasterExtKey, extvmm:Provider, extvmm:SwitchDelTask, ls:ComputeBinding, ls:Binding, ls:Requirement, ls:Power, ls:Server, ls:Tie, lsboot:Def, lsboot:Lan, lsboot:LanImagePath, lsboot:LocalStorage, lsboot:SanImage, lsboot:SanImagePath, lsboot:Storage, lsboot:VirtualMedia, org:Org, power:Group, power:Regulation, power:Rule, sol:Config, storage:LocalDiskConfigDef, storage:LocalDiskPartition, vm:Cont, vm:DirCont, vm:DC, vm:DCOrg, vm:Org, vm:Switch, vm:DC, vm:DCOrg, vm:Org, vm:Switch, vm:VnicProfCl, vnic:BootTarget, vnic:DynamicCon, vnic:Ether, vnic:EtherIf, vnic:Fc, vnic:FcIf, vnic:FcOEIf, vnic:IPv4Dhcp, vnic:IPv4Dns, vnic:IPv4If, vnic:IPv4StaticRoute, vnic:IpV4PooledAddr, vnic:IpV4StaticAddr, vnic:Ipc, vnic:IpcIf, vnic:Scsi, vnic:ScsiIf
ls-config-policy
Purpose
Service profile configuration policy
Responsible Role
Server Profile Administrator
Controlled Objects
adaptor:EthCompQueueProfile, adaptor:EthFailoverProfile, adaptor:EthInterruptProfile, adaptor:EthOffloadProfile, adaptor:EthRecvQueueProfile, adaptor:EthWorkQueueProfile, adaptor:ExtIpV6RssHashProfile, adaptor:FcCdbWorkQueueProfile, adaptor:FcErrorRecoveryProfile, adaptor:FcInterruptProfile, adaptor:FcPortFLogiProfile, adaptor:FcPortPLogiProfile, adaptor:FcPortProfile, adaptor:FcRecvQueueProfile, adaptor:FcWorkQueueProfile, adaptor:HostEthIfProfile, adaptor:HostFcIfProfile, adaptor:IpV4RssHashProfile, adaptor:IpV6RssHashProfile, adaptor:RssProfile, extvmm:Ep, extvmm:KeyRing, extvmm:KeyStore, extvmm:MasterExtKey, extvmm:Provider, extvmm:SwitchDelTask, firmware:ComputeHostPack, firmware:ComputeMgmtPack, ls:AgentPolicy, ls:ComputeBinding, ls:Binding, ls:Requirement, ls:Tier, lsboot:Def, lsboot:Lan, lsboot:LanImagePath, lsboot:LocalStorage, lsboot:Policy, lsboot:SanImage, lsboot:SanImagePath, lsboot:Storage, lsboot:VirtualMedia, org:Org, sol:Config, sol:Policy, storage:LocalDiskConfigDef, storage:LocalDiskConfigPolicy, storage:LocalDiskPartition, vm:Cont, vm:DirCont, vm:DC, vm:DCOrg, vm:Org, vm:Switch, vm:DC, vm:DCOrg, vm:Org, vm:Switch, vm:VnicProfCl
ls-ext-access
Purpose
Service profile end point access
Responsible Role
Server Profile Administrator
This privilege is not used.
ls-network
Purpose
Service profile network
Responsible Role
Network Administrator
Controlled Objects
dpsec:Mac, extvmm:Provider, extvmm:SwitchDelTask, fabric:DceSwSrvEp, fabric:VCon, fabric:VConProfile, flowctrl:Definition, flowctrl:Item, macpool:Format, nwctrl:Definition, qos:Definition, epqos:Definition, epqos:DefinitionDelTask, qosclass:Definition, qos:Item, epqos:Item, epqos:Egress, qosclass:Item, qosclass:Eth, qosclass:EthBE, qosclass:EthClassified, qosclass:Fc, vm:Cont, vm:DirCont, vm:DC, vm:DCOrg, vm:Org, vm:Switch, vm:DC, vm:DCOrg, vm:Org, vm:Switch, vm:VnicProfCl, vnic:DefBeh, vnic:DynamicCon, vnic:DynamicConPolicy, vnic:DynamicIdUniverse, vnic:Ether, vnic:EtherIf, vnic:IPv4Dhcp, vnic:IPv4Dns, vnic:IPv4If, vnic:IPv4StaticRoute, vnic:IpV4PooledAddr, vnic:IpV4StaticAddr, vnic:Ipc, vnic:IpcIf, vnic:LanConnTempl, vnic:Profile, vnic:ProfileSet
ls-network-policy
Purpose
Service profile network policy
Responsible Role
Network Administrator
Controlled Objects
dpsec:Mac, fabric:DceSrv, fabric:DceSwSrv, fabric:DceSwSrvEp, fabric:EthDiag, fabric:FcDiag, fabric:VCon, fabric:VConProfile, flowctrl:Definition, flowctrl:Item, ippool:Block, ippool:Pool, macpool:Block, macpool:Format, macpool:Pool, nwctrl:Definition, qos:Definition, epqos:Definition, epqos:DefinitionDelTask, qosclass:Definition, qos:Item, epqos:Item, epqos:Egress, qosclass:Item, qosclass:Eth, qosclass:EthBE, qosclass:EthClassified, qosclass:Fc, uuidpool:Block, vnic:DynamicCon, vnic:DynamicConPolicy, vnic:DynamicIdUniverse, vnic:LanConnTempl, vnic:Profile, vnic:ProfileSet
ls-power
Purpose
Service profile power management
Responsible Role
Facility Manager
ls-qos
Purpose
Service profile
Responsible Role
QoS Network Administrator
This privilege is not used.
ls-qos-policy
Purpose
Service profile QoS policy
Responsible Role
Network Administrator
Controlled Objects
flowctrl:Definition, flowctrl:Item, qos:Definition, epqos:Definition, epqos:DefinitionDelTask, qosclass:Definition, qos:Item, epqos:Item, epqos:Egress, qosclass:Item, qosclass:Eth, qosclass:EthBE, qosclass:EthClassified, qosclass:Fc
ls-security
Purpose
Service profile security
Responsible Role
Server Security Administrator
Controlled Objects
aaa:EpAuthProfile, aaa:EpUser
ls-security-policy
Purpose
Service profile security policy
Responsible Role
Server Security Administrator
Controlled Objects
aaa:EpAuthProfile, aaa:EpUser
ls-server
Purpose
Service profile server management
Responsible Role
Server Security Administrator
Controlled Objects
bios:VFeat, bios:VfConsoleRedirection, bios:VfEnhancedIntelSpeedStepTech, bios:VfFrontPanelLockout, bios:VfIntelHyperThreadingTech, bios:VfIntelTurboBoostTech, bios:VfIntelVTForDirectedIO, bios:VfIntelVirtualizationTechnology, bios:VfLvDIMMSupport, bios:VfMirroringMode, bios:VfNUMAOptimized, bios:VfProcessorC3Report, bios:VfProcessorC6Report, bios:VfQuietBoot, bios:VfResumeOnACPowerLoss, bios:VfSelectMemoryRASConfiguration, bios:VProfile, ls:ComputeBinding, ls:Binding, ls:Requirement, ls:Power, ls:Server, ls:Tier, lsboot:Def, lsboot:Lan, lsboot:LanImagePath, lsboot:LocalStorage, lsboot:SanImage, lsboot:SanImagePath, lsboot:Storage, lsboot:VirtualMedia, power:Group, power:Regulation, power:Rule, sol:Config, storage:LocalDiskConfigDef, storage:LocalDiskPartition, vnic:BootTarget, vnic:DefBeh, vnic:DynamicCon, vnic:Ether, vnic:EtherIf, vnic:Fc, vnic:FcIf, vnic:FcNode, vnic:FcOEI, vnic:IPv4Dhcp, vnic:IPv4Dns, vnic:IPv4If, vnic:IPv4StaticRoute, vnic:IpV4PooledAddr, vnic:IpV4StaticAddr, vnic:Ipc, vnic:IpcIf, vnic:Scsi, vnic:ScsiIf
ls-server-oper
Purpose
Service profile consumer role
This privilege controls these operations on the service profile:
Responsible Role
Server Profile Administrator
ls-server-policy
Purpose
Service profile pool policy
Responsible Role
Server Security Administrator
Controlled Objects
adaptor:EthCompQueueProfile, adaptor:EthFailoverProfile, adaptor:EthInterruptProfile, adaptor:EthOffloadProfile, adaptor:EthRecvQueueProfile, adaptor:EthWorkQueueProfile, adaptor:ExtIpV6RssHashProfile, adaptor:FcCdbWorkQueueProfile, adaptor:FcErrorRecoveryProfile, adaptor:FcInterruptProfile, adaptor:FcPortFLogiProfile, adaptor:FcPortPLogiProfile, adaptor:FcPortProfile, adaptor:FcRecvQueueProfile, adaptor:FcWorkQueueProfile, adaptor:HostEthIfProfile, adaptor:HostFcIfProfile, adaptor:IpV4RssHashProfile, adaptor:IpV6RssHashProfile, adaptor:RssProfile, bios:VFeat, bios:VfConsoleRedirection, bios:VfEnhancedIntelSpeedStepTech, bios:VfFrontPanelLockout, bios:VfIntelHyperThreadingTech, bios:VfIntelTurboBoostTech, ios:VfIntelVTForDirectedIO, bios:VfIntelVirtualizationTechnology, bios:VfLvDIMMSupport, bios:VfMirroringMode, bios:VfNUMAOptimized, bios:VfProcessorC3Report, bios:VfProcessorC6Report, bios:VfQuietBoot, bios:VfResumeOnACPowerLoss, bios:VfSelectMemoryRASConfiguration, bios:VProfile, fabric:VCon, fabric:VConProfile, firmware:ComputeHostPack, firmware:ComputeMgmtPack, ls:AgentPolicy, ls:ComputeBinding, ls:Binding, ls:Requirement, ls:Power, ls:Tier, lsboot:Policy, power:Group, power:Regulation, power:Rule
ls-storage
Purpose
Service profile storage
Responsible Role
Storage Administrator
Controlled Objects
fcpool:Format, lsboot:Def, lsboot:Lan, lsboot:LanImagePath, lsboot:LocalStorage, lsboot:SanImage, lsboot:SanImagePath, lsboot:Storage, lsboot:VirtualMedia, storage:LocalDiskConfigDef, storage:LocalDiskConfigPolicy, storage:LocalDiskPartition, uuidpool:Format, vnic:BootTarget, vnic:DefBeh, vnic:Fc, vnic:FcIf, vnic:FcNode, vnic:FcOEIf, vnic:SanConnTempl, vnic:Scsi, vnic:ScsiIf
ls-storage-policy
Purpose
Service profile storage policy
Responsible Role
Storage Administrator
Controlled Objects
fabric:VCon, fabric:VConProfile, fcpool:Block, fcpool:BootTarget, fcpool:Format, fcpool:Initiator, fcpool:Initiators, lsboot:Def, lsboot:Lan, lsboot:LanImagePath, lsboot:LocalStorage, lsboot:SanImage, lsboot:SanImagePath, lsboot:Storage, lsboot:VirtualMedia, storage:LocalDiskConfigDefstorage:LocalDiskConfigPolicy, storage:LocalDiskPartition, uuidpool:Format, vnic:SanConnTempl
operations
Purpose
Logs and Smart Call Home
Responsible Role
Operations
Controlled Objects
aaa:Log, callhome:Dest, callhome:Ep, callhome:PeriodicSystemInventory, callhome:Profile, callhome:Smtp, callhome:Source, callhome:TestAlert, comm:DateTime, comm:NtpProvider, comm:Syslog, comm:SyslogClient, comm:SyslogConsole, comm:SyslogFile, comm:SyslogMonitor, condition:Log, aaa:Log, event:Log, event:EpCtrl, event:Log, fault:Inst, stats:CollectionPolicy, stats:Curr, adaptor:EthPortBySizeLargeStats, adaptor:EthPortBySizeSmallStats, adaptor:EthPortErrStats, adaptor:EthPortMcastStats, adaptor:EthPortOutsizedStats, adaptor:EthPortStats, adaptor:EtherIfStats, adaptor:FcIfEventStats, adaptor:FcIfFC4Stats, adaptor:FcIfFrameStats, adaptor:FcPortStats, adaptor:MenloBaseErrorStats, adaptor:MenloDcePortStats, adaptor:MenloEthErrorStats, adaptor:MenloEthStats, adaptor:MenloFcErrorStats, adaptor:MenloFcStats, adaptor:MenloHostPortStats, adaptor:MenloMcpuErrorStats, adaptor:MenloMcpuStats, adaptor:MenloNetEgStats, adaptor:MenloNetInStats, adaptor:MenloQErrorStats, adaptor:MenloQStats, adaptor:VnicStats, compute:IOHubEnvStats, compute:MbPowerStats, compute:MbTempStats, compute:PCIeFatalCompletionStats, compute:PCIeFatalProtocolStats, compute:PCIeFatalReceiveStats, compute:PCIeFatalStats, equipment:ChassisStats, equipment:FanModuleStats, equipment:FanStats, equipment:IOCardStats, equipment:PsuInputStats, equipment:PsuStats, ether:ErrStats, ether:LossStats, ether:PauseStats, ether:RxStats, ether:TxStats, fc:ErrStats, fc:Stats, memory:ArrayEnvStats, memory:BufferUnitEnvStats, memory:ErrorStats, memory:Runtime, memory:UnitEnvStats, processor:EnvStats, processor:ErrorStats, processor:Runtime, sw:EnvStats, sw:SystemStats, stats:Holder, stats:Thr32Definition, stats:Thr32Value, stats:Thr64Definition, stats:Thr64Value, stats:ThrFloatDefinition, stats:ThrFloatValue, stats:ThresholdClass, stats:ThresholdDefinition, stats:Thr32Definition, stats:Thr64Definition, stats:ThrFloatDefinition, stats:ThresholdPolicy, stats:ThresholdValue, stats:Thr32Value, stats:Thr64Value, stats:ThrFloatValue, sysdebug:AutoCoreFileExportTarget, sysdebug:BackupBehavior, sysdebug:Core, sysdebug:CoreFileExportTarget, sysdebug:AutoCoreFileExportTarget, ysdebug:ManualCoreFileExportTarget), sysdebug:CoreFileRepository, sysdebug:LogControlDestinationFile, ysdebug:LogControlDestinationSyslog, sysdebug:LogControlDomain, sysdebug:LogControlEp, sysdebug:LogControlModule, sysdebug:MEpLog, sysdebug:MEpLogPolicy, sysdebug:ManualCoreFileExportTarget, sysfile:Mutation
pn-equipment
Purpose
Server hardware management
Responsible Role
Server Equipment Administrator
Controlled Objects
adaptor:ExtIf, adaptor:ExtEthIf, adaptor:HostIf, adaptor:HostEthIf, adaptor:HostFcIf, compute:Blade, compute:PsuPolicy, diag:SrvCtrl, equipment:Chassis, equipment:Led, equipment:IndicatorLed, equipment:LocatorLed, fabric:ComputeSlotEp, fabric:SwChPhEp
pn-maintenance
Purpose
Server maintenance
Responsible Role
Server Equipment Administrator
Controlled Objects
adaptor:ExtIf, adaptor:ExtEthIf, adaptor:HostIf, adaptor:HostEthIf, adaptor:HostFcIf, compute:Blade, diag:SrvCtrl, equipment:Chassis, equipment:Led, equipment:IndicatorLed, equipment:LocatorLed, fabric:ComputeSlotEp, fabric:SwChPhEp
pn-policy
Purpose
Server policy
Responsible Role
Server Equipment Administrator
Controlled Objects
adaptor:CapQual, adaptor:Qual, bios:VFeat, bios:VfConsoleRedirection, bios:VfEnhancedIntelSpeedStepTech, bios:VfFrontPanelLockout, bios:VfIntelHyperThreadingTech, bios:VfIntelTurboBoostTech, bios:VfIntelVTForDirectedIO, bios:VfIntelVirtualizationTechnology, bios:VfLvDIMMSupport, bios:VfMirroringMode, bios:VfNUMAOptimized, bios:VfProcessorC3Report, bios:VfProcessorC6Report, bios:VfQuietBoot, bios:VfResumeOnACPowerLoss, bios:VfSelectMemoryRASConfiguration, bios:VProfile, compute:AutoconfigPolicy, compute:Blade, compute:BladeDiscPolicy, compute:BladeInheritPolicy, compute:ChassisDiscPolicy, compute:ChassisQual, compute:DiscPolicy, compute:BladeDiscPolicy, compute:ChassisDiscPolicy, compute:PhysicalQual, compute:Pool, compute:PooledPhysical, compute:PooledSlot, compute:PooledSlot, compute:PoolingPolicy, compute:PsuPolicy, compute:Qual, compute:QualItem, adaptor:CapDef, adaptor:CapQual, adaptor:CapSpec, adaptor:Qual, compute:BladePosQual, compute:ChassisQual, compute:SlotQual, compute:PhysicalQual, memory:Qual, processor:Qual, storage:Qual, compute:ScrubPolicy, compute:SlotQual, diag:BladeTest, diag:NetworkTest, diag:RunPolicy, equipment:Chassis, equipment:Led, equipment:IndicatorLed, equipment:LocatorLed, extvmm:Ep, extvmm:KeyRing, extvmm:KeyStore, extvmm:MasterExtKey, extvmm:Provider, extvmm:SwitchDelTask, fabric:ComputeSlotEp, fabric:SwChPhEp, memory:Qual, org:Org, processor:Qual, storage:Qual, uuidpool:Pool, vm:Cont, vm:DirCont, vm:DC, vm:DCOrg, vm:Org, vm:Switch, vm:DC, vm:DCOrg, vm:LifeCyclePolicy, vm:Org, vm:Switch, vm:VnicProfCl
pn-security
Purpose
Server security
Responsible Role
Server Security Administrator
Controlled Objects
mgmt:IntAuthPolicy
pod-config
Purpose
Pod configuration
Responsible Role
Network Administrator
This privilege is not used.
pod-policy
Purpose
Pod policy
Responsible Role
Network Administrator
This privilege is not used.
pod-qos
Purpose
Pod QoS
Responsible Role
Network Administrator
This privilege is not used.
pod-security
Purpose
Pod security
Responsible Role
Network Administrator
This privilege is not used.
power-mgmt
Purpose
Data center power management
This role provides read and write access for power capacity management including power group configurations and other power-related policies.
Responsible Role
Facility Manager
read-only
Purpose
Read-only access
Responsible Role
This is not a selectable privilege. All roles have read-only access to all objects. Roles that have read-write privileges on some objects also have read-only access to all other objects.