Hi,
how is it possible to restrict the access to the NetApp StorageConsole Plugin in vCenter?
My problem is, that everybody with access to my vcenter server (vCenter-Role = user) can use the NetApp storageConsole for resizing LUNs or change the BackupJobs.
The goal is, that only vcenter-admins can uses this plugin.
thanks for any help
Does setting the permissions on your Datastores affect this ability?
No!
There are only "one" User (Backupuser) and the Admin-Group from my vCenter which have the permission to the storage.
I've run in to this issue. The problem is that the VSC (virtual storage console) runs things under a specific user context; as long as you can install the plugin, you have full access to what it does.
I would suggest using IPsec on the server that VSC is installed on to only allow access to that port for specific workstations or personnel. That way they simply cannot connect to the plugin.
Thank you for your help chriswahl00.
Did you think that will be an support request for vmware or netapp?
To block the plugin? I'd assume NetApp.