Horizon Console includes predefined roles that you can assign to your administrator users and groups. You can also create your own administrator roles by combining selected privileges.
What to read next
Predefined Administrator Roles The predefined administrator roles combine all of the individual privileges required to perform common administration tasks. You cannot modify the predefined roles.
Global Privileges Global privileges control system-wide operations, such as viewing and changing global settings. Roles that contain only global privileges cannot be applied to access groups. In a Cloud Pod Architecture environment, roles that contain only global privileges also cannot be applied to federation access groups.
Object-Specific Privileges Object-specific privileges control operations on specific types of inventory objects. Roles that contain object-specific privileges can be applied to access groups. In a Cloud Pod Architecture environment, roles that contain certain object-specific privileges are applicable to federation access groups.
Privilege Scopes Administrator privileges can be limited in scope.
Internal Privileges Some of the predefined administrator roles contain internal privileges. You cannot select internal privileges when you create custom roles.