As a system administrator, you can create rights bundles and publish them to one and more VMware Cloud Director organizations in your cloud. You can edit and delete existing rights bundles. You can unpublish rights bundles from organizations in your cloud.

Create a Rights Bundle in VMware Cloud Director

You can group a set of rights as a rights bundle which you can publish to one or more VMware Cloud Director organizations in your system.

Procedure

  1. From the primary left navigation panel, select Administration.
  2. From the secondary left panel, under Tenant Access Control, select Rights Bundles.
  3. Click Add.
  4. Enter a name and, optionally, a description for the new rights bundle.
  5. Select the rights that you want to associate with this bundle.
    The rights are grouped in categories and subcategories for view or manage access to the object to which they relate.

    You can select the rights individually, by view or manage by subcategory, or by view or manage globally.

    Category Description
    Access Control Contains rights for viewing and managing organizations, rights, roles, and users.
    Administration Contains rights for viewing and managing general and multisite setting.
    Compute Contains rights for viewing and managing organization and provider VDCs, vApps, organization VDC templates, and VM monitoring.
    Extensions Contains rights for viewing and managing VMware Cloud Director plug-ins and extensions.
    Infrastructure Contains rights for viewing and managing vSphere resources.
    Libraries Contains rights for viewing and managing catalogs and catalog items.
    Networking Contains rights for viewing and managing network resources.
  6. Click Save.

What to do next

You can publish the newly created rights bundle to one or more organizations in your system. See Publish or Unpublish a Rights Bundle to VMware Cloud Director.

Clone a Rights Bundle Using VMware Cloud Director

You can use an existing rights bundle as a template for the creation of a new bundle.

Prerequisites

Verify that you have the rights to add new roles to VMware Cloud Director.

Procedure

  1. From the primary left navigation panel, select Administration.
  2. From the secondary left panel, under Tenant Access Control, select Rights Bundles.
  3. Select the rights bundle that you want to clone and click Clone.
  4. In the Clone Rights Bundle window, enter a name and description for the cloned bundle.
  5. (Optional) To edit the cloned rights, turn on the Modify Selected Rights toggle, and select or deselect the rights you want to change for the cloned role.
  6. Click Save.

Publish or Unpublish a Rights Bundle to VMware Cloud Director

You can publish a rights bundle to one or more VMware Cloud Director organizations in your system. After you publish a rights bundle to an organization, the rights in this bundle become part of the organization set of rights.

Organization rights can comprise multiple rights bundles, but the organization administrators and users see a flat set of rights that they can use to create and modify roles.

Procedure

  1. From the primary left navigation panel, select Administration.
  2. From the secondary left panel, under Tenant Access Control, select Rights Bundles.
  3. Select the radio button next to the target bundle and click Publish.
  4. To publish the bundle:
    1. Select Publish to Tenants.
    2. Select the organizations to which you want to publish the role.
      • If you want to publish the bundle to all existing and newly created organizations in your system, select Publish to All Tenants.
      • If you want to publish the bundle to particular organizations in your system, select the organizations individually.
  5. To unpublish the bundle:
    • To unpublish the bundle from all organizations in your system, deselect Publish to Tenants.
    • To unpublish the bundle from particular organizations in your system, deselect Publish to All Tenants, and deselect the organizations individually.
  6. Click Save.

Results

The rights in the published bundle are available in the selected organizations and can be used in the roles in these organizations.

The rights in the unpublished role are removed from the selected organizations and cannot be used in the roles in these organizations.

View and Edit a Rights Bundle Using VMware Cloud Director

You can view the rights that are included in a rights bundle. You can modify the name, the description, and the rights of a bundle.

Procedure

  1. From the primary left navigation panel, select Administration.
  2. From the secondary left panel, under Tenant Access Control, select Rights Bundles.
  3. Click the name of the target bundle.
    You can view the rights that are associated with the bundle by expanding the right categories.
  4. Edit the bundle and click Keep.

Results

If you modified the rights of the bundle, the new set of rights is applied to all organizations to which this rights bundle is published.

Delete a Rights Bundle From VMware Cloud Director

You can remove a rights bundle that you no longer use in your VMware Cloud Director organizations.

Procedure

  1. From the primary left navigation panel, select Administration.
  2. From the secondary left panel, under Tenant Access Control, select Rights Bundles.
  3. Select the radio button next to the target bundle and click Delete.
  4. To confirm, click OK.