This portal is to open public enhancement requests against IBM System Storage products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
See this idea on ideas.ibm.com
Hello Developers,
we have problem to reach bank security requirements on Storwize. We produced linux shell solution to reach requirements for clusters, but problem is still in vmware and monitoring. Problem is that we can't define user group which have permission on specific number of command/actions and these actions only on specific resources.
For example: Vmware admins can doo all only on vmware volumes. Not on mdisks, disks, etc. But actually we have to do administrator rights to vmware admins for SRM functionality. The same problem is for monitoring. When we want to implement monitoring stor2rrd or TPC or zabbix etc. weh ave to grant administrator role. We can't receive relevant data when doesn't have administrator role. It is big security hole. User with monitoring functionality can manage whole array. It is bad.
the best choice is:
- posibility define user group - one use can be in many user groups
- posibility define resource group
- posibility define group of action/allowed commands and permissions
- posibility define security rules - where we create rule:
this grou of user can manage this groups of resources with these groups of permissions/commands
It cause that we can define which user can what. The same logic is implemented in HMC in IBM Power server.
Idea priority | High |
By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.
Ownership groups (multi-tenancy) was delivered in 2Q19
Due to processing by IBM, this request was reassigned to have the following updated attributes:
Brand - Servers and Systems Software
Product family - Storage
Product - IBM Storwize V7000, V5000 and V3000
For recording keeping, the previous attributes were:
Brand - Tivoli
Product family - Storage
Product - IBM Storwize V7000, V5000 and V3000