A user’s role defines the actions the user is allowed to perform on a given resource. The role determines the user’s authorized activities on the given resource, ensuring that a user has access only to the functions necessary to complete applicable operations. This allows domain control over specific resources, or system-wide control if your right has no restrictions.
The following rules are enforced:
- A user can have only one role.
- You cannot add a role to a user or remove an assigned role from a user. You can, however, change the assigned role for a user.
|Enterprise Administrator||NSX operations and security.|
|NSX Administrator||NSX operations only: for example, install virtual appliances, configure port groups.|
|Security Administrator||NSX security only: for example, define distributed firewall rules, configure NAT and load balancer services.|
The Enterprise Administrator and NSX Administrator roles can be assigned only to vCenter users.