You can create Horizon Cloud administrative users and assign them roles. The roles provide the administrative users specified permissions to the Horizon Universal Console, such as to view specific information or to take specific actions.
Administrative Roles for the Horizon Universal Console
Each role gives create, read, update, and delete permissions to the specified area, and read permissions only to everything else.
|Roles||Area of Permissions|
|Administrator||Access to entire UI and API.|
|Read-Only Administrator||Read-only access to UI and API|
|Pool Administrator||pools and VMs|
|Deployment Administrator||Horizon Edges, Unified Access Gateways, Providers|
|Pool Group Administrator||Pool Groups|
Add Horizon Universal Console Users and Assign Roles
To provide administrative users with access rights to the Horizon Universal Console, you use the VMware Cloud Services Console to first assign those users an organization role. You can then assign Horizon Cloud Service roles to those users.
- Log in to the Cloud Services Console.
- In the left menu, select
Note: The Identity & Access Management node is only available to organization owners and organization administrators.
- Select .
- In the Users text box, add the email addresses of people you want to assign administrative roles.
- Select an organization role for the users you added.
Organization owners and organization admins can use the Cloud Services Console to add and edit users.
- Click Add a Service and, if necessary to choose, select Workspace ONE.
- Click the with roles text box to view the list of available roles and, if desired, select additional roles.
- In the next drop-down menu, select with or until, depending on if you want to set the permissions to expire at some point.
- In the next field, if applicable, provide an expiration date.
- Click Add.
The users you added now have access to the Horizon Universal Console with the permissions you granted them.
Other Actions You Can Perform from the Active Users Page
After you use the Cloud Services Console to add users, you can take several other actions on the Active Users page.
You can perform the following actions, many of which are the same as or similar to the steps for configuring the initial Horizon Availability Monitoring test
|Search the active-users list.||Enter a text string in the Search text box to search the list of active users.|
|View the role-related information of a selected active user.||Click the double arrow next to an active user's name to display the following information.
|Edit a user's role.||Select a user and click Edit Roles.
Editing roles is very similar to the procedure of adding roles, previously described.
|Remove users.||Select one or more users and click Remove Users.|