You can create a global tenant role that you can publish to one or more organizations in your system.

After the initial VMware Cloud Director installation and setup, the system contains predefined global tenant roles that are published to all organizations. For information about the predefined roles, see Predefined Roles and Their Rights.

You can add custom global roles to your system.

Procedure

  1. From the top navigation bar, select Administration.
  2. In the left panel, under Tenant Access Control, select Global Roles.
  3. Click Add.
  4. Enter a name and, optionally, a description for the new role.
  5. Select the rights that you want to associate with the role.
    The rights are grouped in categories and subcategories for view or manage access to the object to which they relate.

    You can select the rights individually, by view or manage by subcategory, or by view or manage globally.

    Category Description
    Access Control Contains rights for viewing and managing organizations, rights, roles, and users.
    Administration Contains rights for viewing and managing general and multisite setting.
    Compute Contains rights for viewing and managing organization and provider VDCs, vApps, organization VDC templates, and VM monitoring.
    Extensions Contains rights for viewing and managing VMware Cloud Director plug-ins and extensions.
    Infrastructure Contains rights for viewing and managing vSphere resources.
    Libraries Contains rights for viewing and managing catalogs and catalog items.
    Networking Contains rights for viewing and managing network resources.
  6. Click Keep.

Results

Upon its creation, the new global tenant right is available only to the VMware Cloud Director Provider organization.

What to do next

You can publish the newly created role to one or more organizations in your system. See Publish or Unpublish a Global Tenant Role.