Cloud Manager policies for AWS, Azure, and GCP

The policies on this page grant the permissions that Cloud Manager needs to deploy and manage NetApp Cloud Volumes ONTAP in Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). While optional, policies for Cloud Volumes ONTAP in AWS are also available.

AWS

To help you find the right policy, click the action that matches what you're trying to do:

For more information about IAM policies, see AWS documentation: Policies and Permissions and Managing IAM Policies.

For information about how Cloud Manager uses AWS permissions, see What Cloud Manager does with AWS permissions.

Azure

To help you find the right policy, click the action below that matches what you're trying to do:

For information about custom roles, see Azure documentation: Custom Roles in Azure.

For information about how Cloud Manager uses Azure permissions, see What Cloud Manager does with Azure permissions.

GCP

Two sets of permissions are required in GCP:

  1. The GCP user who deploys Cloud Manager from NetApp Cloud Central must have the permissions defined in the NetApp Cloud Central policy for GCP.

  2. The service account for the Cloud Manager VM instance must have the permissions defined in the Cloud Manager policy for GCP.

    You need to associate the service account with Cloud Manager when you deploy it from NetApp Cloud Central.

For step-by-step instructions, see Getting started with Cloud Volumes ONTAP in GCP.