Tips and Pitfalls: RBAC

Common Commands

show role

show user-account



Key Points / Pitfalls

  • RBAC rules are not processed “first match”, but rather parse the entire set of rules
  • You must grant access to VSANs you are moving members from as well as into
  • Only network-admin role has access to role configuration
  • sh environment, sh hardware, sh module show snmp and show system are always allowed
    • RBAC CLI category show maps to SNMP GET
    • RBAC CLI categories config, clear and exec map to SNMP SET
    • RBAC CLI category is ignored with SNMP access
This entry was posted in CCIE Storage, RBAC and tagged , . Bookmark the permalink.

Leave a Reply