Each user must have a unique account with one or more roles assigned to enforce a role-based security when they use VMware Aria Operations. Contact your organization owner to create user accounts for VMware Aria Operations. Once created, you can assign the account to be a member of one or more user groups to allow the user to inherit the roles and scopes associated with the user group.

Where You Find the Access Control Options

You can manage user accounts and their associated user groups, roles, scopes and passwords.

From the left menu, click Administration, and then click the Access Control tile.

Table 1. Access Control Tabs
Option Description

User Accounts

Edit VMware Aria Operations user accounts and manage user roles, their membership in groups, and the scopes assigned for association with the user.

User Groups

Add, edit, delete, or clone VMware Aria Operations user groups, update the members in a group and the associated roles and scopes that they can access.

Roles

For users to perform actions in VMware Aria Operations, they must be assigned specific roles. With role-based access, when you assign a role to a user, you are determining not only what actions the user can perform in the system, but also the objects upon which those actions can be performed while holding the role. For example, to import or export a policy, the role assigned to your user account must have the Import or Export permissions enabled for policy management.

Scopes Add, edit, clone, or remove scope associated with users or groups in VMware Aria Operations. Scope lets you limit the access of a user or a set of users to VMware Aria Operations. You can also define the scope for all the objects managed by VMware Aria Operations.