August 17th, 2010 05:00

Navisphere CLI user roles

Hi,

Some questions have come up regarding Navisphere's user roles. As I understand it, there are 3 roles: Administrator, Manager and Monitor.

Having had a look in the CLI Reference Guide, it only says that, e.g., Monitor cannot add, change or delete anything.

Is there a description of what actions a certain user role can perform exactly? E.g. break and restore MirrorView sessions?

Thanks and regards,

Dieter

116 Posts

August 17th, 2010 06:00

See if this helps ..

Additionally, each role can be assigned global or local privileges.  Each global username must be unique within the storage domain; each local username must be unique within the storage system. Role privileges are as follows:

Anyone Logged in as

Can View

Can Add, Modify, or Delete

Global Administrator

Note that local accounts on a storage system can be viewed only when one is logged into that storage system.

All storage-system settings and global and local accounts (but cannot delete the last global administrator account)

Local Administrator

Local storage system settings and local user accounts

Currently, the following global and local security administrator roles are supported only on CX and CX3 series  storage systems running FLARE version 02.26.xxx.yyy.zzz or higher.

Global Security Administrator

All security features. Cannot see or manage storage-system features

Local Security Administrator

Local security features. Cannot see or manage local storage-system features

Global Manager

All storage system information

Local Manager

Local storage system information

Global Monitor

Nothing

Local Monitor

Nothing

116 Posts

August 18th, 2010 05:00

Here are the Roles for Release 29 ... A Monitor User can only view .. See below where "Can Add Modify and Delete". Follow that column down to Local Monitor and you will see they have nothing ...

About user accounts 

Note: If you have a CX4 series, CX3-series, CX-series storage system, or an AX4-5 series storage system with FLARE version 02.23.050.5.5xx, and you will be using Navisphere CLI to configure the storage system, see the Using Navisphere CLI to add privileged users entry in the Table of Contents.

The privilege of monitoring, managing, and creating accounts on systems in a domain depends on the type of account used when you log in. A user (that is, someone who needs to view or manage storage system operation) can have one of the following roles:

Administrator
Security Administrator
Manager
Monitor

Additionally, you can increase security and limit access privileges for third-party service personnel who perform replication operations, by granting the following replication roles:

Local Replication Only
Replication
Replication and Recovery

Those with these replication roles can view, but not manage, non-replication features, such as creating a LUN.

The Administrator, Security Administrator, Manager, and Monitor roles can each be assigned global or local privileges.  Each global username must be unique within the storage domain; each local username must be unique within the storage system. Role privileges are as follows:

Anyone Logged in as

Can View

Can Add, Modify, or Delete

Global Administrator

Note that local accounts on a storage system can be viewed only when one is logged into that storage system.

All storage-system settings and global and local accounts (but cannot delete the last global administrator account)

Local Administrator

Local storage system settings and local user accounts

Currently, the following global and local security administrator roles are supported only on CX and CX3 series  storage systems running FLARE version 02.26.xxx.yyy.zzz or higher.

Global Security Administrator

All security features. Cannot see or manage storage-system features

Local Security Administrator

Local security features. Cannot see or manage local storage-system features

Global Manager

All storage system information

Local Manager

Local storage system information

Global Monitor

Nothing

Local Monitor

Nothing

Note: Anyone logged in with a global administrator account can view all user accounts, both global to the domain and local to the current storage system. Anyone logged in as a local administrator can view and manage only user accounts on the local storage system.

Usernames and Passwords

Usernames can be 1 to 32 letters (case sensitive), numbers, and/or underscores, and must start with a letter.

Passwords can be 1 to 32 letters (case sensitive) and/or numbers.

Manager stores all local username, password, and related security data encrypted, in files in a secure part of the storage system. Global user information is stored encrypted on all management-server storage systems in the domain.

Important: If the person who manages a storage-system installation cannot log in as a global administrator (perhaps because he or she forgot the password), then global management of the installation will be impossible. Any local administrators and managers retain their local management privileges. However, eventually, an EMC engineer will need to recreate a global administrative account. So you should make sure that people who will manage the system keep a good record of this password.

Initial Global Administrator Account

When the storage-system hardware is installed, initialize security on the storage system by creating the initial global administrator account, complete with username and password. Once a global administrator account exists, the security software automatically creates a domain of one with SP A as the domain master. No one can delete the last remaining global administrator account.

After storage-system initialization, anyone with global administrative privileges can log in to any connected management server storage system, and then add management servers or create, modify, or delete other global or local administrator, manager, and monitor accounts.

Any user can modify his or her own password and view the systems on which he or she has an account.
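
The account rules quoted in the post above (username format, global names unique per domain, local names unique per storage system) can be checked against an exported account list. This is an added example, not part of the original post or of EMC's tooling; the inventory format, the sample accounts and the `audit_accounts` name are assumptions, and flagging a single global administrator is this example's own choice, based on the quoted note that losing that login requires an EMC engineer.

```python
import re
from collections import Counter

# Rule quoted in the post: 1 to 32 letters, numbers and/or underscores,
# and the name must start with a letter.
USERNAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9_]{0,31}")

# Constructed sample inventory (not real data):
# (username, role, scope, storage system; None for global accounts)
SAMPLE_ACCOUNTS = [
    ("admin",   "administrator", "global", None),
    ("ops_mgr", "manager",       "global", None),
    ("ops_mgr", "monitor",       "global", None),       # duplicate global name
    ("backup1", "manager",       "local",  "array_a"),
    ("backup1", "monitor",       "local",  "array_b"),  # allowed: other system
    ("9svc",    "monitor",       "local",  "array_a"),  # starts with a digit
    ("svc",     "monitor",       "local",  "array_a"),
    ("svc",     "manager",       "local",  "array_a"),  # duplicate on array_a
]


def audit_accounts(accounts):
    """Return (finding, subject) tuples for accounts that break the quoted rules."""
    findings = []

    # Username format.
    for name, _role, _scope, _array in accounts:
        if not USERNAME_RE.fullmatch(name):
            findings.append(("bad_username", name))

    # Global usernames must be unique within the storage domain.
    global_names = Counter(n for n, _r, s, _a in accounts if s == "global")
    findings += [("duplicate_global", n)
                 for n, count in sorted(global_names.items()) if count > 1]

    # Local usernames must be unique within one storage system.
    local_names = Counter((a, n) for n, _r, s, a in accounts if s == "local")
    findings += [("duplicate_local", f"{a}/{n}")
                 for (a, n), count in sorted(local_names.items()) if count > 1]

    # Assumption of this example: a lone global administrator is a lockout risk.
    admins = [n for n, r, s, _a in accounts
              if s == "global" and r == "administrator"]
    if not admins:
        findings.append(("no_global_admin", ""))
    elif len(admins) == 1:
        findings.append(("single_global_admin", admins[0]))
    return findings
```
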

59 Posts

August 18th, 2010 05:00

Hi,

That's what I found in the documents.

My question goes more in the direction of which actions exactly are possible, e.g. is a mirror split possible for a monitor user?

59 Posts

August 18th, 2010 06:00

Thank you, this helps! I'll have a closer look at the FLARE 29 documentation.

Best regards

Dieter
