What are the VMware Aria Automation user roles

VMware Aria Automation has several levels of user roles. These different level control access to the organization, the services, the projects that produce or consume the cloud templates, catalog items, and pipelines, and the ability for uses to use or see individual parts of the user interface. These different levels give cloud administrators different tools to apply any level of granularity that is required by their operational needs.

General role descriptions

The user roles are defined at different levels. The service level roles are defined for each service.

More details for the service roles is provided below this table.

Role	General permissions	Where the role is defined
Organization Owner	Can access the console and add users to organization. The organization owner cannot access a service unless they have a service role. More about the Organization User Roles	Organization console
Organization Member	Can access the console. The organization member cannot access a service unless they have a service role. More about the Organization User Roles	Organization console
Service Administrator	Can access the console and has full view, update, and delete privileges in the service. More about Assembler roles More about Service Broker roles More about Pipelines roles More about Migration Assistant roles More about Orchestrator roles More about the Automation Config role	Organization console
Service User	Can access the console and the service with limited permissions. The service member has limited user interface. What they can see or do depends on their project membership. More about Assembler roles More about Service Broker roles More about Pipelines roles	Organization console
Service Viewer	Can access the console and the service in a view-only mode. More about Assembler roles More about Service Broker roles More about Pipelines roles More about Migration Assistant roles More about Orchestrator roles	Organization console
Executor (Automation Pipelines only)	Can access the console and manage pipeline executions. More about Pipelines roles	Organization console
Orchestrator Workflow Designer (Orchestrator only)	Can create, run, edit, and delete their own Orchestrator Client content. Can add their own content to their assigned group. Does not have access to the administration and troubleshooting features of the Orchestrator Client. More about Orchestrator roles	Organization console
Project roles	Can view and manage project resources depending on project role. Project roles include administrator, member, and viewer. More about project roles	Automation Assembler, Automation Service Broker, and Automation Pipelines
Custom roles	The permissions are defined by the Automation Assembler Administrator for all the services. The user must have at least a service viewer role in the relevant services so that they can access the service. The custom roles take precedence over the service roles. More about custom roles	Automation Assembler and Automation Service Broker
Infrastructure administrator built-in role	Gives predefined permissions for tasks in VMware Aria Automation . More about the Infrastructure Administrator role	Using the API