To provide role-based access control for the SDDC, you configure an identity provider in vCenter Server. That becomes the identity provider for both vCenter Server and SDDC Manager. You then configure an identity provider in NSX Manager using Microsoft Active Directory over LDAP with SSL.
You can implement and configure role-based access control for the SDDC by using either of the following methods:
Method | Description |
---|---|
Implementation Using PowerShell Automation | End-to-end automated implementation using PowerShell. |
Implementation Using Component User Interfaces | End-to-end manual implementation using the user interface of each component. |
Active Directory security groups and users are assigned to default and custom roles. Password and account lockout policies are configured based on the security and compliance standards used by your organization.
For information on the role-based access control (RBAC) design, see Detailed Design of Identity and Access Management for VMware Cloud Foundation.
Prerequisites
To complete the implementation of the Identity and Access Management for VMware Cloud Foundation validated solution, verify that your system fulfills the following prerequisites.
Category | Prerequisite |
---|---|
Environment | |
Active Directory | |
Certificate Authority | |