Data Management for VMware Tanzu uses roles and responsibilities to determine what actions a user can perform in the installation.
Data Management for VMware Tanzu pre-defines these three user roles:
Data Management for VMware Tanzu defines a single provider role named Provider Administrator. This role manages the Data Management for VMware Tanzu installation. A user acting in the Provider Administrator role is a member of the Provider organization.
The Provider Administrator credentials are established during deployment of the Provider VM. Among other tasks, users in this role can:
For more information, see Roles and Their Responsibilities.
The Provider Administrator user assigns a role to each Data Management for VMware Tanzu user that they create or import in an organization.
A user that is assigned the Organization Administrator role can manage all services in the organization to which they belong. An Organization Administrator can:
Users that are assigned the role of Organization Users can manage only the services that they provision. An Organization User can only create, delete, and manage the databases that they create.
Each Data Management for VMware Tanzu role has a default set of responsibilities as described in the following table:
Responsibility | Provider Administrator | Organization Administrator | Organization User |
---|---|---|---|
Deploy Provider VM | ✓ | ||
Monitor Provider VM | ✓ | ||
Managing Provider VM Updates | ✓ | ||
Deploy Agent VM | ✓ | ✓ | |
Onboard Cluster with Data Management for VMware Tanzu | ✓ | ||
Share Environment | ✓ | ||
Onboard/Delete Environment | ✓ | ✓ | |
View/Monitor Environment | ✓ | ✓ | ✓ |
Manage Environment | ✓ | ✓ | |
Manage Organizations | ✓ | ||
Manage Users | ✓ | ✓ | |
Manage Templates | ✓ | ||
Manage Instance Plans | ✓ | ||
Manage Data Management for VMware Tanzu Installation Settings (LDAP, SMTP, others) | ✓ | ||
Manage SSL/TLS Certificates for the Data Management for VMware Tanzu Console | ✓ | ||
Manage the Root CA for an Organization | ✓ | ✓ | |
Provision database VMs | ✓ | ✓ | ✓ |
Manage database VMs | ✓ | ✓ | ✓ |
View/Monitor database VMs | ✓ | ✓ | ✓ |
Manage SSL/TLS Certificates for all database VMs Provisioned in the Organization | ✓ | ✓ | |
Manage SSL/TLS Certificates for my database VMs | ✓ | ✓ | ✓ |
Manage SSH Access to database VMs | ✓ | ✓ | ✓ |
Manage VM Operations (Clone, Power Off/On) on a database VM | ✓ | ✓ | ✓ |
Activate or deactivate Email Notification | ✓ | ✓ | ✓ |
Manage Database Maintenance Policy | ✓ | ✓ | ✓ |
Manage Database VM Tags | ✓ | ✓ | ✓ |
Generate Database VM Logs | ✓ | ✓ | ✓ |
Manage Database Operations (DB Options, SSL/TLS, Resource Scaling, Extend Disk) on a database VM | ✓ | ✓ | ✓ |
Change Database VM Ownership | ✓ | ✓ | |
Manage Database VM Upgrades (OS and Database Engine) | ✓ | ✓ | ✓ |
Manage Read Replicas Database VMs | ✓ | ✓ | ✓ |
Manage Database Backups | ✓ | ✓ | ✓ |
Recover Database VMs | ✓ | ✓ | ✓ |
For more information about user roles, see Provider Roles and Organization Roles.