You can use a combination of user logins, role-based access control, and data sets to manage VMware Aria Operations for Logs users. Role-based access control lets you manage users and the tasks that they can perform.
Roles are sets of permissions required to perform particular tasks. VMware Aria Operations for Logs has a set of predefined roles. Additionally, you can create custom roles as part of defining security policies, and grant the roles to users. To change the permissions and tasks associated with a custom role, you can update the role settings. The updated settings take effect for all users associated with the role.
- To allow a user to perform a task, you grant the role to the user.
- To prevent a user from performing a task, you revoke the role from the user.
Managing roles for each user is based on their user login account. You can assign multiple roles to a user, in which case the role permissions are merged.
Users who cannot view or access certain objects or cannot perform certain operations were not assigned the roles with the permissions to do so.