As an organization owner, you give VMware Cloud Services users two types of role-based access when you invite them to join your organization: organization role access and service role access.

You view and manage users roles in your organization from the Identity and Access Management > Active Users menu in Cloud Services Console.
Organization Roles and Permissions
Organization roles determine the capabilities that a user has on the VMware Cloud Services Console. Access to an organization's resources is determined by the role assigned to each user in the organization: as an organization owner with full access, or as an organization member with read-only access.
Organization owners have full administrative access to the organization's resources and can assign role-based access to organization members. They can also self-assign roles to themselves.
Service Roles and Permissions
VMware Cloud services, such as VMware Carbon Black Cloud, come with a pre-defined built-in set of service roles that determine the capabilities that a user has in the specific service. Organization owners grant users access to cloud services according to the roles provided by each cloud service. For more information about built-in service roles, see Predefined User Roles.