Organization and Service Roles

VMware Cloud Services has two general categories of roles: organization and service.

Organization roles provide capabilities for working with the VMware Cloud Services platform, such as adding users and setting permissions. Service roles provide capabilities related directly to a specific VMware Cloud service.

The ability to activate the first region for an organization requires the Organization Owner role.

The users you invite also need at least one VMware Cloud Flex Storage service roles to access the UI to manage regions.

VMware Cloud Flex Storage Roles

VMware Cloud Flex Storage roles are scoped across all activated regions and datastores. The following table describes each VMware Cloud Flex Storage role and the features each role permits. Match the user role in each column with the capabilities in each row.

Capability	Organization Owner plus any VMware Cloud Flex Storage role	Storage Admin	Filesystem Admin	Filesystem delete restricted	Storage Auditor
Configure email alerts
Create datastore
Delete datastore
Mount cluster to datastore
Unmount cluster from datastore
View data

The following table describes all roles and operations related to storage regions and subscriptions.

Capability	Organization Owner	Global Console Admin	Deployment Admin (activation)	Deployment Admin (deactivation)	Subscription Admin
View existing deployments and their metadata.
Activate or deactivate a region.	(Only required for first region activation.)
Delete a partial/failed activation.
Delete any of the existing activations in any of the regions.
View term subscriptions and pricing
Create new subscriptions
Create /recreate VMware Cloud Flex Storage OAuth app