Various VMware Cloud Director rights are common to multiple predefined global roles. These rights are granted by default to all new organizations, and are available for use in other roles created by the organization administrator.
Rights Included in the Global Tenant Roles in VMware Cloud Director
This list consists of the rights available to user roles in the VMware Cloud Director Tenant Portal. For the rights available to System Administrators, see System Administrator Rights in the VMware Cloud Director Service Provider Admin Guide.
The rights' names in the table below are the VMware Cloud Director API rights' names. The API and UI rights' names might be different. If you want to see a list of all VMware Cloud Director rights with API rights' names, UI rights' names, right classifications, UI right categories, and so on, see the VMware Cloud Director 10.6 Rights file in CSV format.
| New in this release | Right Name | Sub-Provider Administrator | Organization Administrator | Catalog Author | vApp Author | vApp User | Console Access Only |
|---|---|---|---|---|---|---|---|
| Access All Organization VDCs | ✓ | ✓ | |||||
| API Tokens: Manage | ✓ | ✓ | |||||
| API Tokens: Manage All | ✓ | ✓ | |||||
| Catalog Content Source: Change Owner | ✓ | ✓ | |||||
| Catalog Content Source: Delete | ✓ | ✓ | |||||
| Catalog Content Source: Edit | ✓ | ✓ | |||||
| Catalog Content Source: Sharing | ✓ | ✓ | |||||
| Catalog Content Source: View | ✓ | ✓ | |||||
| Catalog Content Source: View ACL | ✓ | ✓ | |||||
| Catalog: Add vApp from My Cloud | ✓ | ✓ | ✓ | ✓ | |||
| Catalog: Change Owner | ✓ | ✓ | |||||
| Catalog: Create / Delete a Catalog | ✓ | ✓ | ✓ | ||||
| Catalog: Edit Properties | ✓ | ✓ | ✓ | ||||
| Catalog: Publish | ✓ | ✓ | ✓ | ||||
| Catalog: Sharing | ✓ | ✓ | ✓ | ||||
| Catalog: VCSP Publish Subscribe | ✓ | ✓ | ✓ | ||||
| Catalog: View ACL | ✓ | ✓ | ✓ | ||||
| Catalog: View Private and Shared Catalogs | ✓ | ✓ | ✓ | ✓ | |||
| Catalog: View Published Catalogs | ✓ | ✓ | |||||
| Certificate Library: Manage | ✓ | ✓ | |||||
| Certificate Library: View | ✓ | ✓ | |||||
| Container App: Manage | ✓ | ✓ | |||||
| Container App: View | ✓ | ✓ | |||||
| Custom entity: View all custom entity instances in org | ✓ | ✓ | |||||
| Custom entity: View custom entity instance | ✓ | ✓ | |||||
| Edge Cluster: View | ✓ | ||||||
| General: Administrator Control | ✓ | ✓ | |||||
| General: Administrator View | ✓ | ✓ | |||||
| General: Send Notification | ✓ | ✓ | |||||
| General: View Error Details | ✓ | ||||||
| Global Role: Edit | ✓ | ||||||
| Global Role: View | ✓ | ||||||
| Group / User: Manage | ✓ | ✓ | |||||
| Group / User: View | ✓ | ✓ | |||||
| IP Spaces: Allocate | ✓ | ✓ | |||||
| ✓ | Kubernetes Namespace: Manage ACL | ✓ | ✓ | ||||
| ✓ | Kubernetes Namespace: View | ✓ | ✓ | ||||
| ✓ | Kubernetes Namespace: View ACL | ✓ | ✓ | ||||
| Metadata File Entry: Create/Modify | ✓ | ✓ | |||||
| Network Pool: View | ✓ | ||||||
| Organization Network: Edit Properties | ✓ | ✓ | |||||
| Organization Network: View | ✓ | ✓ | |||||
| Organization Quotas: Manage | ✓ | ||||||
| ✓ | Organization vDC Compute Policy: Limited Admin View | ✓ | |||||
| ✓ | Organization vDC Compute Policy: Publish | ✓ | |||||
| Organization vDC Compute Policy: View | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| ✓ | Organization vDC Compute Policy: View Shared Compute Policy | ✓ | |||||
| Organization vDC Disk: Edit IOPS | ✓ | ✓ | ✓ | ✓ | |||
| Organization vDC Disk: View IOPS | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| Organization vDC Distributed Firewall: Configure Rules | ✓ | ✓ | |||||
| Organization vDC Distributed Firewall: View Rules | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure BGP Routing | ✓ | ||||||
| Organization vDC Gateway: Configure DHCP | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure DNS | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure ECMP Routing | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure Firewall | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure IPSec VPN | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure L2 VPN | ✓ | ||||||
| Organization vDC Gateway: Configure Load Balancer | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure NAT | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure Route Advertisement | ✓ | ||||||
| Organization vDC Gateway: Configure SLAAC Profile | ✓ | ||||||
| Organization vDC Gateway: Configure Static Routing | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure Syslog | ✓ | ✓ | |||||
| Organization vDC Gateway: Configure System Logging | ✓ | ||||||
| Organization vDC Gateway: Convert to Advanced Networking | ✓ | ✓ | |||||
| Organization vDC Gateway: Create | ✓ | ||||||
| Organization vDC Gateway: Delete | ✓ | ||||||
| Organization vDC Gateway: Distributed Routing | ✓ | ||||||
| Organization vDC Gateway: Update | ✓ | ||||||
| Organization vDC Gateway: Update Properties | ✓ | ||||||
| Organization vDC Gateway: View | ✓ | ✓ | |||||
| Organization vDC Gateway: View BGP Routing | ✓ | ||||||
| Organization vDC Gateway: View DHCP | ✓ | ✓ | |||||
| Organization vDC Gateway: View DNS | ✓ | ✓ | |||||
| Organization vDC Gateway: View Firewall | ✓ | ✓ | |||||
| Organization vDC Gateway: View IPSec VPN | ✓ | ✓ | |||||
| Organization vDC Gateway: View L2 VPN | ✓ | ||||||
| Organization vDC Gateway: View Load Balancer | ✓ | ✓ | |||||
| Organization vDC Gateway: View NAT | ✓ | ✓ | |||||
| Organization vDC Gateway: View Route Advertisement | ✓ | ||||||
| Organization vDC Gateway: View SLAAC Profile | ✓ | ||||||
| Organization vDC Gateway: View Static Routing | ✓ | ✓ | |||||
| Organization vDC Named Disk: Change Owner | ✓ | ✓ | ✓ | ||||
| Organization vDC Named Disk: Create | ✓ | ✓ | ✓ | ✓ | |||
| Organization vDC Named Disk: Delete | ✓ | ✓ | ✓ | ✓ | |||
| Organization vDC Named Disk: Edit Properties | ✓ | ✓ | ✓ | ✓ | |||
| Organization vDC Named Disk: Move | ✓ | ✓ | |||||
| Organization vDC Named Disk: View Encryption Status | ✓ | ✓ | ✓ | ||||
| Organization vDC Named Disk: View Properties | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| Organization vDC Network: Edit Properties | ✓ | ✓ | |||||
| ✓ | Organization vDC Network: Manage Manual IP Reservation | ✓ | ✓ | ||||
| Organization vDC Network: View | ✓ | ✓ | ✓ | ||||
| Organization vDC Storage Policy: Edit | ✓ | ||||||
| Organization vDC Storage Policy: Enable or Disable | ✓ | ||||||
| Organization vDC Storage Policy: View Capabilities | ✓ | ✓ | |||||
| Organization vDC Storage Profile: Set Default | ✓ | ✓ | |||||
| Organization vDC: Create | ✓ | ||||||
| Organization vDC: Delete | ✓ | ||||||
| Organization vDC: Edit ACL | ✓ | ✓ | |||||
| Organization vDC: Enable or Disable | ✓ | ||||||
| Organization vDC: Extended Edit | ✓ | ||||||
| Organization vDC: Extended View | ✓ | ||||||
| Organization vDC: Manage Firewall | ✓ | ✓ | |||||
| Organization vDC: Migrate Storage | ✓ | ✓ | |||||
| Organization vDC: Simple Edit | ✓ | ✓ | |||||
| Organization vDC: User View | ✓ | ✓ | ✓ | ||||
| Organization vDC: View ACL | ✓ | ✓ | |||||
| Organization vDC: View CPU and Memory Reservation | ✓ | ✓ | |||||
| Organization VDC: view metrics | ✓ | ✓ | |||||
| Organization vDC: VM-VM Affinity Edit | ✓ | ✓ | ✓ | ✓ | |||
| Organization: Activate or Deactivate | ✓ | ||||||
| Organization: Create or Delete | ✓ | ||||||
| Organization: Edit Association Settings | ✓ | ✓ | |||||
| Organization: Edit Federation Settings | ✓ | ✓ | |||||
| Organization: Edit Leases Policy | ✓ | ✓ | |||||
| Organization: Edit Limits | ✓ | ||||||
| Organization: Edit Name | ✓ | ||||||
| Organization: Edit OAuth Settings | ✓ | ✓ | |||||
| Organization: Edit Password Policy | ✓ | ✓ | |||||
| Organization: Edit Properties | ✓ | ✓ | |||||
| Organization: Edit Quotas Policy | ✓ | ✓ | |||||
| Organization: Edit SMTP Settings | ✓ | ✓ | |||||
| Organization: Import User/Group from IdP while Editing VDC ACL | ✓ | ✓ | |||||
| Organization: Traversal | ✓ | ||||||
| Organization: View | ✓ | ✓ | ✓ | ✓ | |||
| Organization: View Association Settings | ✓ | ✓ | ✓ | ||||
| Organization: view metrics | ✓ | ✓ | |||||
| Organization: View OAuth Settings | ✓ | ✓ | |||||
| Private IP Spaces: Manage | ✓ | ✓ | |||||
| Private IP Spaces: View | ✓ | ✓ | |||||
| Provider Gateway BGP: Simple Manage | ✓ | ||||||
| Provider Gateway BGP: Simple View | ✓ | ||||||
| Provider Gateway Firewall: Manage | ✓ | ||||||
| Provider Gateway Firewall: View | ✓ | ||||||
| ✓ | Provider Gateway IP Sec VPN: Manage | ✓ | |||||
| ✓ | Provider Gateway IP Sec VPN: View | ✓ | |||||
| Provider Gateway NAT: Manage | ✓ | ||||||
| Provider Gateway NAT: View | ✓ | ||||||
| Provider Gateway: Simple View | ✓ | ✓ | |||||
| ✓ | Provider vDC Storage Policy: Limited View | ✓ | |||||
| ✓ | Provider vDC: Limited View | ✓ | |||||
| Quota Policy Capabilities: View | ✓ | ✓ | |||||
| Quota Policy: Manage | ✓ | ||||||
| Quota Policy: View | ✓ | ||||||
| Rights Bundle: Edit | ✓ | ||||||
| Rights Bundle: View | ✓ | ||||||
| Role: Create, Edit, Delete, or Copy | ✓ | ✓ | |||||
| Security Tag Edit | ✓ | ✓ | |||||
| Service Library: View service libraries | ✓ | ✓ | |||||
| SSL: Test Connection | ✓ | ✓ | ✓ | ||||
| Truststore: Manage | ✓ | ✓ | |||||
| Truststore: View | ✓ | ✓ | |||||
| UI Plugins: View | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp Template / Media: Copy | ✓ | ✓ | ✓ | ✓ | |||
| vApp Template / Media: Create / Upload | ✓ | ✓ | ✓ | ||||
| vApp Template / Media: Edit | ✓ | ✓ | ✓ | ✓ | |||
| vApp Template / Media: View | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp Template: Add to My Cloud | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp Template: Change Owner | ✓ | ✓ | ✓ | ||||
| vApp Template: Download | ✓ | ✓ | ✓ | ||||
| vApp: Change Owner | ✓ | ✓ | |||||
| vApp: Copy | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp: Create / Reconfigure | ✓ | ✓ | ✓ | ✓ | |||
| vApp: Delete | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp: Download | ✓ | ✓ | ✓ | ✓ | |||
| vApp: Edit Properties | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp: Edit VM Compute Policy | ✓ | ✓ | ✓ | ✓ | |||
| vApp: Edit VM CPU | ✓ | ✓ | ✓ | ✓ | |||
| vApp: Edit VM Hard Disk | ✓ | ✓ | ✓ | ✓ | |||
| vApp: Edit VM Memory | ✓ | ✓ | ✓ | ✓ | |||
| vApp: Edit VM Network | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp: Edit VM Properties | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp: Manage VM Password Settings | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| vApp: Power Operations | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp: Sharing | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp: Snapshot Operations | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp: Upload | ✓ | ✓ | ✓ | ✓ | |||
| vApp: Use Console | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| vApp: View ACL | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| vApp: View VM and VM's Disks Encryption Status | ✓ | ✓ | ✓ | ||||
| vApp: View VM metrics | ✓ | ✓ | ✓ | ✓ | |||
| vApp: VM Boot Options | ✓ | ✓ | ✓ | ✓ | |||
| vApp: VM Metadata to vCenter | ✓ | ✓ | ✓ | ✓ | |||
| VDC Group: Configure | ✓ | ✓ | |||||
| VDC Group: Configure Logging | ✓ | ✓ | |||||
| VDC Group: View | ✓ | ✓ | |||||
| VDC Template: Instantiate | ✓ | ✓ | |||||
| VDC Template: View | ✓ | ✓ | |||||
| vGPU Profile Consumption: View | ✓ | ✓ |
