All users in your provider organization have role-based access to the resources of the organization. Refer to this page for information about the permissions granted to every role available to Cloud Services Provider users in VMware Cloud Partner Navigator.
Roles are collections of permissions that bind to the organization's resources. Permissions are actions on a certain organization. The association between a role, a user, and organization is defined as a binding.
When granting users access to the service or cloud endpoint resources of your organization, you select one of the roles supported in each product. For information about these roles, refer to the documentation of the relevant product.
You manage users and roles in the Identity & Access Management menu.
The following table lists the permissions attached to each user role in provider organizations.
Permission |
Provider Administrator |
Provider Operations Administrator |
Provider Operations User |
Provider Account Administrator |
Provider Billing User |
Provider Support User |
Provider Service Manager |
Provider Developer |
|---|---|---|---|---|---|---|---|---|
View cloud endpoints |
✓ |
✓ |
✓ |
✓ |
||||
Add, edit or remove cloud endpoints |
✓ |
✓ |
✓ |
|||||
Access cloud endpoints |
✓ |
✓ |
✓ |
✓ |
||||
View all customer resources |
✓ |
✓ |
✓ |
|||||
View all resources in provider organization |
✓ |
✓ |
✓ |
✓ |
✓ |
|||
View selected customer resources |
✓ |
|||||||
View services in provider organization |
✓ |
✓ |
✓ |
✓ |
||||
Enable services in provider organization |
✓ |
|||||||
Access services in provider organization |
✓ |
✓ |
✓ |
✓ |
||||
View all customer organizations |
✓ |
✓ |
✓ |
✓ |
✓ |
✓ |
||
View selected customer organizations |
✓ |
|||||||
Add or remove customer organizations |
✓ |
✓ |
✓ |
|||||
Edit the details of all customer organizations |
✓ |
✓ |
✓ |
|||||
Edit the details of selected customer organizations |
✓ |
|||||||
Enable cloud endpoints for customer organizations |
✓ |
✓ |
✓ |
|||||
Enable services for customer organizations |
✓ |
✓ |
✓ |
|||||
View users in provider organization |
✓ |
|||||||
Add or remove users in provider organization and edit their roles |
✓ |
|||||||
Manage federated identity and enterprise groups in provider organization |
✓ |
|||||||
View commit contract information |
✓ |
✓ |
✓ |
✓ |
✓ |
✓ |
||
Manage automatic reporting of vCloud Usage Meter instances |
✓ |
|||||||
View usage of provider organization |
✓ |
✓ |
✓ |
✓ |
✓ |
|||
View usage of all customer organizations |
✓ |
✓ |
✓ |
✓ |
||||
View usage of selected customer organizations |
✓ |
|||||||
View support tickets for provider organization |
✓ |
✓ |
✓ |
✓ |
✓ |
✓ |
||
View support tickets for all customer organizations |
✓ |
✓ |
✓ |
✓ |
||||
View support tickets for selected customer organizations |
✓ |
✓ |
||||||
Open new support tickets for provider organization |
✓ |
✓ |
✓ |
✓ |
✓ |
✓ |
||
Open new support tickets for all customer organizations |
✓ |
✓ |
✓ |
✓ |
||||
Open new support tickets for selected customer organizations |
✓ |
|||||||
Customize portal branding for provider and customer organizations |
✓ |
✓ |
✓ |
|||||
Customize branding for selected customer organizations |
✓ |
✓ |
✓ |
✓ |
||||
Access customer organizations |
✓ |
✓ |
✓ |
✓ |
||||
View users in customer organizations |
✓ |
✓ |
✓ |
✓ |
||||
Manage users in customer organizations |
✓ |
✓ |
✓ |
✓ |
||||
View customer resources and services in customer organizations |
✓ |
✓ |
✓ |
✓ |
||||
Create and manage OAuth apps without restrictions. |
✓ |
|||||||
Create and manage OAuth apps with restricted access to resources. |
✓ |
✓ |
||||||
Change and manage commit contracts |
✓ |
✓ |
The Provider Account Administrator role has permissions for selected customer organizations.
The Provider Operations User role has permissions for selected cloud endpoints with an assigned level of access.
The Provider Service Manager role has permissions for selected services and cloud endpoints in your provider organization with an assigned level of access.
The Provider Developer role is not an independent role and can only be assigned alongside another role.
