As an organization administrator, you can create, edit and remove tenant roles in your organization.

Create a Custom Tenant Role

You, as a VMware Cloud Director organization administrator, can use the Tenant Portal to create custom tenant role objects in the organizations you administer.

You can add a custom tenant role with a specific set of rights.

Prerequisites

Verify that you are logged in as an organization administrator or a role with equivalent set of rights.

Procedure

  1. From the primary left navigation panel, select Administration.
  2. From the secondary left panel, under Access Control, select Roles.
    The list of roles appears.
  3. Click New.
  4. Enter a name and a description of the role.
  5. Expand the rights for the role and select the rights for the role.
    The rights are grouped in categories and subcategories that allow either viewing or managing objects.
    Option Description
    Access Control Rights controlling the access to view and manage certain objects.
    Administration Rights controlling the administrative access.
    Compute Rights controlling access and management of the organization and provider virtual data centers, the vApps, organization virtual data centers templates, virtual machine groups, and virtual machine monitoring.
    Extensions Rights controlling the access to any additional plug-ins and VMware Cloud Director extensions.
    Infrastructure Rights controlling the access and management of the infrastructure objects, such as datastores, disks, hosts, and so on.
    Libraries Rights controlling access and management of any catalogs and catalog items.
    Networking Rights controlling access and management of the network settings.
  6. Click Save.

Delete a Role

Organization administrators can use the Tenant Portal to delete role objects in the organizations they administer.

You must select the role and click Delete, to remove it.

Prerequisites

Verify that you are logged in as an organization administrator or a role with equivalent set of rights.

Procedure

  1. From the primary left navigation panel, select Administration.
  2. From the secondary left panel, under Access Control, select Roles.
    The list of roles appears.
  3. Click the radio button next to the role that you want to delete, and click Delete.
  4. Confirm that you want to delete the role by clicking OK.

Edit a Custom Tenant Role

VMware Cloud Director organization administrators can use the Tenant Portal to edit custom tenant role objects in the organizations they administer. As an organization administrator, you can only view the global tenant roles that a system administrator has published to your organization. You cannot edit global tenant roles.

You can edit the name, description, and rights for the role.

Prerequisites

Verify that you are logged in as an organization administrator or a role with equivalent set of rights.

Procedure

  1. From the primary left navigation panel, select Administration.
  2. From the secondary left panel, under Access Control, select Roles.
    The list of roles appears.
  3. Click the radio button next to the role that you want to edit, and click Edit.
  4. Modify the role settings as needed.
    1. Change the name and the description of the role.
    2. Edit the rights for the role.
  5. Click Save.