Workspace ONE Access in VMware Cloud Foundation mode provides identity and access management services to specific components in the SDDC, such as vRealize Suite.
Workspace ONE Access provides:
Directory integration to authenticate users against an identity provider (IdP), such as Active Directory or LDAP.
Multiple authentication methods.
Access policies that consist of rules to specify criteria that users must meet to authenticate.
The Workspace ONE Access instance that is integrated with vRealize Suite Lifecycle Manager provides identity and access management services to vRealize Suite solutions that either run in a VMware Foundation instance or must be available across VMware Cloud Foundation instances. This Workspace ONE Access instance is deployed as cluster behind a load balancer.
See the identity management design for each integrated product:
VMware Cloud Foundation Validated Solutions for specific vRealize Suite components
For identity and access management for components other than vRealize Suite, such as NSX-T Data Center, you can deploy a standalone Workspace ONE Access instance. See Identity and Access Management for VMware Cloud Foundation.