A tenant user with the Kubernetes Cluster Author role can view, create, and manage Kubernetes clusters. This role simplifies tenant role setup by assigning all the required rights in one role in the VMware Cloud Director UI.

Table 1. Rights included in the Kubernetes Cluster Author Role
Right
Allow Access to All Organization VDCs
View Organization Administrative Details
View vApp ACL
Manage user's own API token
View Certificates Library
View Compute Policies for an Organization VDC
View Disk IOPS
View Disk Encryption Status
View Disk Properties
Create a Disk
Delete a Disk
Edit Disk Properties
Create a Shared Disk
Edit VM-VM Affinity Rule
View Encryption Status of VMs and VM's disks
View VM metrics
Preserve All ExtraConfig Elements During OVF Import and Export
Copy a vApp
Create / Reconfigure a vApp
Delete a vApp
Download a vApp
Edit vApp Properties
Edit VM Compute Policy
Edit VM CPU
Edit VM Hard Disk
Edit VM Memory
Edit VM Network
Edit VM Properties
Manage VM Password Settings
Start / Stop / Suspend / Reset a vApp
Share a vApp
Create / Revert / Remove a Snapshot
Upload a vApp
Access to VM Console
Edit / View VM Boot Options
Allow metadata mapping domain to vCenter
View Tenant Portal Plugin Information
View Shared Catalogs from Other Organizations
View Private and Shared Catalogs within Current Organization
Add a vApp from My Cloud
View vApp Templates / Media
Copy / Move a vApp Template / Media
Edit vApp Template / Media Properties
Add to My Cloud
View Gateway
NAT View Only
NAT Configure
Load Balancer View Only
Load Balancer Configure
View Properties
View: VMWARE:CAPVCDCLUSTER
Edit VMWARE:CAPVCDCLUSTER
Full Control: VMWARE:CAPVCDCLUSTER
View: VMWARE:VCDKECONFIG

The following IP Spaces rights are optional and are necessary only when you want to use Gateways with IP Spaces. These rights are not added automatically, so service providers must add them manually to the Kubernetes Cluster Author role. For instructions, see View and Edit a Global Tenant Role Using VMware Cloud Director.

Table 2. IP Spaces Rights
Right
View IP Spaces
Manage IP Spaces
Allocate IP Spaces

The following conditional rights are relevant to Kubernetes cluster management and are added only if they already exist in the system:

Table 3. Conditional Rights
Right
View: Tanzu Kubernetes Guest Cluster
Edit Tanzu Kubernetes Guest Cluster
Full Control: Tanzu Kubernetes Guest Cluster
View: CSE:NATIVECLUSTER
Edit CSE:NATIVECLUSTER
Full Control: CSE:NATIVECLUSTER