When creating new roles, you can associate them with different permissions to determine what actions a user with a specific role can perform in VMware Cloud Provider Lifecycle Manager.
Available Permissions in VMware Cloud Provider Lifecycle Manager
| New in this release | Permission | Description |
|---|---|---|
| ADD_PRODUCT_NODE | Allows the deployment of a new product node. | |
| ALL | Grants all the listed permissions to the VMware Cloud Provider Lifecycle Manager user. | |
| CHANGE_PASSWORD | Allows modifying the password of the VMware Cloud Provider Lifecycle Manager user account. | |
| CONFIGURE_PRODUCT_CERTIFICATE | Allows configuring product certificates. | |
| CREATE_BACKUP | Allows creating a backup of the VMware Cloud Provider Lifecycle Manager appliance. | |
| CREATE_DC | Allows registering a new infrastructure component. | |
| CREATE_ENV | Allows the deployment of a new product in VMware Cloud Provider Lifecycle Manager. | |
| CREATE_PRODUCT_REPORT | Allows generating an interoperability product report. | |
| CREATE_SUPPORT_BUNDLE | Allows generating a support bundle. | |
| CREATE_TAGS | Allows assigning tags to a product or an infrastructure component. | |
| DEFAULT | Grants none of the listed permissions to the VMware Cloud Provider Lifecycle Manager user. | |
| DELETE_DC | Allows deleting a registered infrastructure component. | |
| DELETE_ENV | Allows deleting a registered product environment. | |
| DELETE_PRODUCT_NODE | Allows deleting a registered product node. | |
| DELETE_TAGS | Allows removing an assigned tag. | |
| DISCOVER_DC | Allows running a discovery for a registered infrastructure component. | |
| DISCOVER_PRODUCT | Allows running a discovery for a registered product. | |
| GET_TAGS | Allows the retrieval of all the tags of a registered product or a registered infrastructure component. | |
| INTEROP_CHECK | Allows checking for an interoperability bundle update. | |
| INTEROP_INSTALL | Allows the installation of an interoperability bundle update. | |
| ✓ | POWER_MODE | Allows activating or deactivating the maintenance mode for a VMware Cloud Director cell. |
| ✓ | READ_CONFIG | Allows the access to configurations for telemetry, automatically triggered tasks, and VMware Cloud Provider Lifecycle Manager. |
| READ_CONTENT_REPO | Allows access of information about all available product versions from the local VMware Cloud Provider Lifecycle Manager repository. | |
| READ_DC | Allows access of information about all infrastructure components. | |
| READ_ENV | Allows access of information about all registered product environments. | |
| READ_LOGS | Allows access of information about all the logs of the VMware Cloud Provider Lifecycle Manager appliance. | |
| READ_NOTIFICATIONS | Allows viewing the notifications from the VMware Cloud Provider Lifecycle Manager Web Interface. | |
| READ_NOTIFICATIONS_CONFIG | Allows access to the current configuration for the notifications. | |
| READ_PRODUCT | Allows access of information about registered products. | |
| READ_PRODUCT_CERTIFICATE | Allows the retrieval of the certificates for the registered products. | |
| READ_PRODUCT_NODE | Allows access of information about a deployed product node. | |
| READ_PRODUCT_NODES | Allows the retrieval of a list of all the nodes of a deployed product. | |
| READ_TASK | Allows access of information about tasks. | |
| READ_TASK_LOGS | Allows the retrieval of all the logs for a specific task. | |
| ✓ | READ_WRITE_CONFIG | Allows managing configurations for telemetry, automatically triggered tasks, and VMware Cloud Provider Lifecycle Manager. |
| READ_WRITE_DC | Allows the update of infrastructure components. | |
| READ_WRITE_ENV | Allows the update of registered product environments. | |
| ✓ | READ_WRITE_INTEGRATIONS | Allows managing product integrations. |
| READ_WRITE_NOTIFICATIONS | Allows managing system notifications - for example, marking a notification as read or archived. | |
| READ_WRITE_NOTIFICATIONS_CONFIG | Allows managing the configuration of the notifications. | |
| READ_WRITE_PRODUCT | Allows updating the information about a product. | |
| REDEPLOY_PRODUCT_NODE | Allows the redeployment of a product node. | |
| RESTART_SERVICE | Allows restarting a service. | |
| RESTORE_BACKUP | Allows restoring to a VMware Cloud Provider Lifecycle Manager backup. | |
| ✓ | VCPLCM_SUPPORT | Allows the management of product certificates. |
| UPDATE_PRODUCT_NODE | Allows the update of a product node. | |
| UPDATE_TASK | Allows the update of a task. | |
| UPGRADE_PRODUCT | Allows the upgrade of a product. | |
| USERS_MANAGEMENT | Grants a permission for user management relates tasks such as registering an authentication instance, creating users, creating roles. | |
| USERS_READER | Allows the retrieval of a list of the imported users in VMware Cloud Provider Lifecycle Manager from an LDAP or Active Directory. |
