Authority delegation in Cloud Network Automation is the ability to assign full and exclusive control of IP addresses and DNS name spaces to a Cloud Platform Appliance. You can perform authority delegation only through the Grid Master. When you delegate the authority of IP addresses and DNS name spaces to a Cloud Platform Appliance, the Grid Master loses its authority over the scope of delegation for these IP addresses and name spaces as well as any objects within them. Note that authority delegation for an object can be explicitly assigned or inherited from parent objects. For information about how to delegate authority for supported object types, see Guidelines for Delegating below .
NIOS admin users who do not belong to admin groups with cloud API access are not allowed to create new cloud objects, nor can they modify or delete existing cloud objects in delegated spaces; but they can modify the permissions and certain extensible attribute values for these objects. Only admin users with cloud API access and the correct global and object permissions can be used to send cloud API requests to create, modify, and delete objects within the delegated scope.
...
Cloud API Requests | Standard API and WAPI Requests | Comments |
|---|
Authority delegation for a host record is inherited from both the DNS and DHCP portions of the record. For DNS, you can delegate authority for all DNS zones for which the host record is defined. For DHCP, you can delegate authority for the parent network view, network container, network, or DHCP range defined for the host record. You can create, modify, or delete a host record or a host IP address whose authority is delegated to a Cloud Platform Appliance through Grid Manager. Note that when you create a host record, you must enable it for DNS within the delegated network view. Otherwise, you will not be able to save the host record. The Cloud Platform Appliance can process a cloud API request that includes a host record only if it has gained authority for both DNS and DHCP portions of the host record, as follows: All IP addresses enabled for DHCP within one or more delegation scopes are delegated to the same Cloud Platform Appliance. All DNS records defined for one or more DNS zones have the same Cloud Platform Appliance assigned as the Grid primary.
| IP addresses defined in the host record that is enabled DHCP follow the same rules for a fixed address. See the IPv4 and IPv6 Fixed Addresses section for more information. Names or aliases defined in the host record follow the same rules set for resource records. See the DNS Resource Records section for more information.
| When you create a host record through a cloud API request, you must include the following extensible attributes in the request: Tenant ID, Cloud API Owned, and CMP Type.
|
IP addresses defined in the host record that is enabled for DHCP follow the same rules set for a fixed address. See IPv4and IPv6 Fixed Addresses for more information. Names or aliases defined in the host record follow the same rules set for resource records. See DNS Resource Records for more information. Although no DHCP service restart is required, you can perform a DHCP service restart on a Cloud Platform Appliance through a cloud API request.
|
|
|
...
