To manage access to services provided by VMware Aria Automation, you assign global organization roles and service roles to the service account for communication from VMware Aria Operations to VMware Aria Automation.

UI Procedure

  1. Log in to the VMware Aria Automation cloud services console at https://<aria_automation_cluster_fqdn>/csp/gateway/portal with a user assigned the Assembler administrator service role.
  2. In the left navigation pane, click Identity and access management > Active users.

  3. On the Active users page, select the service account for communication from VMware Aria Operations to VMware Aria Automation and click Edit roles.

  4. On the Edit Roles page, from the Assign organization roles drop-down menu, select Organization owner.

  5. Click Add service access and from the Add service roles drop-down menus, select Assembler and Assembler administrator.

  6. Click Save.

PowerShell Procedure

  1. Start PowerShell.

  2. Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.

    $sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io"
    $sddcManagerUser = "administrator@vsphere.local"
    $sddcManagerPass = "VMw@re1!"
    
    $configUser = "configadmin"
    $configPass = "VMw@re1!"
    $serviceAccountEmail = "svc-vrops-vra@rainpole.io"
  3. Assign an organization role and a service role to the service account service account for communication from VMware Aria Operations to VMware Aria Automation from the VMware Cloud Foundation Planning and Preparation Workbook.

    Add-vRAUser -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -vraUser $configUser -vraPass $configPass -email $serviceAccountEmail -orgRole org_owner -serviceRole automationservice:cloud_admin