Because the NSX Intelligence features are accessed using the NSX Manager user interface, the same NSX-T Data Center built-in roles assigned to users are used for the NSX Intelligence RBAC and each role has specific permissions. For information on how to assign roles to users, see the NSX-T Data Center Administration Guide.

To view the NSX-T Data Center built-in roles, navigate to System > User Management > Roles.

Roles and Permissions

The following are the types of permissions enforced in the NSX Intelligence feature. Included in the list are the abbreviations for the permissions that are used in the NSX Intelligence Roles and Permissions table.

• Full access (FA) - For recommendations, full access include the ability to read, start, rerun, update, delete, and publish recommendations.

• Execute (E)

• Read (R)

• None

The NSX Intelligence feature recognizes the following built-in roles. You cannot add any new roles because custom RBAC roles do not support NSX Intelligence features. Also included in the list are the abbreviations for the roles that are used in the NSX Intelligence Roles and Permissions table.

• Auditor (A)

• Enterprise Admin (EA)

• GI (Guest Introspection) Partner Admin (GIA)

• LB (Load Balancer) Admin (LBA)

• LB Operator (LBO)

• NETX (Network Introspection) Partner Admin (NIA)

• Network Admin (NA)

• Network Operator (NO)

• Security Admin (SA)

• Security Operator (SO)

• Support Bundle Collector (SBC)

• VPN Admin (VPNA)

The following table shows the permissions that each built-in role has for the different NSX Intelligence operations.