A tenant is an isolated instance of NSX Advanced Load Balancer. Each NSX Advanced Load Balancer user account is associated with one or more tenants.

The tenant associated with a user account defines the resources that the user can access within NSX Advanced Load Balancer. When a user logs in, NSX Advanced Load Balancer restricts their access to only those resources that are in the same tenant. If a user is associated with multiple tenants, each tenant still isolates the resources that belong to that tenant from the resources in other tenants. To access resources in another tenant, the user must switch the focus of the management session to that other tenant.

Note:

Default Tenant

By default, all resources belong to a single, global tenant: admin. The admin tenant contains all NSX Advanced Load Balancer resources.

The default admin user account belongs to the admin tenant and therefore can access all resources.

If no additional tenants are created, all new NSX Advanced Load Balancer user accounts are automatically added to the admin tenant.

Tenant-to-Role Mapping

Within each user account, the role selected for the user is mapped to a tenant. If only one tenant is defined (the default admin tenant), this tenant is automatically mapped to the role selected for the user. This allows the user to access all resources, to the extent (write, read, or no access) allowed by their role.

Creating additional tenants allows a user account to have multiple roles. In this case, within the user account, each role can be mapped individually to a tenant. Or, optionally, a single role can be mapped to all tenants.

If a single role is mapped to all tenants, the default tenant for that user must be selected. The default tenant is the one the user is placed into when logging into NSX Advanced Load Balancer. After logging in, the user can switch the management session to other tenants as needed.

All Tenants View-only Tenant for Super Users

NSX Advanced Load Balancer user accounts that are enabled for superuser access automatically have access to a special read-only tenant: All Tenants. The All Tenants view provides read-only access to all resources within NSX Advanced Load Balancer. The All Tenants tenant cannot be mapped to any roles within a user account. The All Tenants tenant is automatically made available to all superuser accounts.