A tenant user with the Kubernetes Cluster Author role can view, create, and manage Kubernetes clusters. This role simplifies tenant role setup by assigning all the required rights in one role in the VMware Cloud Director UI.
| Right |
|---|
| Allow Access to All Organization VDCs |
| View Organization Administrative Details |
| View vApp ACL |
| Manage user's own API token |
| View Certificates Library |
| View Compute Policies for an Organization VDC |
| View Disk IOPS |
| View Disk Encryption Status |
| View Disk Properties |
| Create a Disk |
| Delete a Disk |
| Edit Disk Properties |
| Create a Shared Disk |
| Edit VM-VM Affinity Rule |
| View Encryption Status of VMs and VM's disks |
| View VM metrics |
| Preserve All ExtraConfig Elements During OVF Import and Export |
| Copy a vApp |
| Create / Reconfigure a vApp |
| Delete a vApp |
| Download a vApp |
| Edit vApp Properties |
| Edit VM Compute Policy |
| Edit VM CPU |
| Edit VM Hard Disk |
| Edit VM Memory |
| Edit VM Network |
| Edit VM Properties |
| Manage VM Password Settings |
| Start / Stop / Suspend / Reset a vApp |
| Share a vApp |
| Create / Revert / Remove a Snapshot |
| Upload a vApp |
| Access to VM Console |
| Edit / View VM Boot Options |
| Allow metadata mapping domain to vCenter |
| View Tenant Portal Plugin Information |
| View Shared Catalogs from Other Organizations |
| View Private and Shared Catalogs within Current Organization |
| Add a vApp from My Cloud |
| View vApp Templates / Media |
| Copy / Move a vApp Template / Media |
| Edit vApp Template / Media Properties |
| Add to My Cloud |
| View Gateway |
| NAT View Only |
| NAT Configure |
| Load Balancer View Only |
| Load Balancer Configure |
| View Properties |
| View: VMWARE:CAPVCDCLUSTER |
| Edit VMWARE:CAPVCDCLUSTER |
| Full Control: VMWARE:CAPVCDCLUSTER |
| View: VMWARE:VCDKECONFIG |
The following IP Spaces rights are optional, and are only necessary when you want to leverage Gateways using IP Spaces. Service providers must manually add these rights to the Kubernetes Cluster Author role as they are not automatically added. For instructions, see View and Edit a Global Tenant Role Using VMware Cloud Director.
| Right |
|---|
| View IP Spaces |
| Manage IP Spaces |
| Allocate IP Spaces |
The following conditional rights are added only if they already exist in the system, as they are relevant to Kubernetes cluster management:
| Right |
|---|
| View: Tanzu Kubernetes Guest Cluster |
| Edit Tanzu Kubernetes Guest Cluster |
| Full Control: Tanzu Kubernetes Guest Cluster |
| View: CSE:NATIVECLUSTER |
| Edit CSE:NATIVECLUSTER |
| Full Control: CSE:NATIVECLUSTER |
