Grant users in your organization the NSX Admin service role to allow them to view and configure features on the Networking & Security tab.
Organization roles specify the privileges that an organization member has over organization assets. Service roles specify the privileges that an organization member has when accessing VMware Cloud Services that the organization uses. All service roles can be assigned and changed by a user with organization owner privileges, so restrictive roles such as Administrator (Delete Restricted) or NSX Cloud Auditor should be assigned along with the role of organization member to prevent modification.
A user must log out and then log back in for a new service role to take effect.
You must be an Organization Owner to assign a role to an organization member.
- Log in to the VMC Console at https://vmc.vmware.com.
- Click the services icon and select Identity & Access Management.
- Select a user and click Edit Roles.
- Select a role name from the Assign Organization Roles drop-down control.
- Select the VMware Cloud on AWS service name under Assign Service Roles.
- Select an NSX service role to assign.
The following NSX sservice roles are available:
- NSX Cloud Auditor
- This role can view NSX service settings and events but cannot make any changes to the service.
- NSX Cloud Admin
- This role can perform all tasks related to deployment and administration of the NSX service.
When multiple service roles are assigned to an organization user, permissions are granted for the most permissive role. For example, an organization member who has both the NSX Cloud Admin and NSX Cloud Auditor roles is granted all the NSX Cloud Admin permissions, which inclode those granted to the NSX Cloud Auditor role.
- Click SAVE to save your changes.
What to do next
Ensure that any users whose roles were changed log out and log back in for the changes to take effect.