Role-based access control (RBAC) helps restrict access to NSX Intelligence features to certain authorized users only.
Because the NSX Intelligence features are accessed using the NSX Manager user interface, the same NSX-T Data Center built-in roles assigned to users are used for the NSX Intelligence RBAC and each role has specific permissions. For information on how to assign roles to users, see the NSX-T Data Center Administration Guide.
To view the NSX-T Data Center built-in roles, navigate to .
Roles and Permissions
The following are the types of permissions enforced in the NSX Intelligence feature. Included in the list are the abbreviations for the permissions that are used in the NSX Intelligence Roles and Permissions table.
Full access (FA) - For recommendations, full access include the ability to read, start, rerun, update, delete, and publish recommendations.
Execute (E)
Read (R)
None
The NSX Intelligence feature recognizes the following built-in roles. You cannot add any new roles because custom RBAC roles do not support NSX Intelligence features. Also included in the list are the abbreviations for the roles that are used in the NSX Intelligence Roles and Permissions table.
Auditor (A)
-
Enterprise Admin (EA)
-
GI (Guest Introspection) Partner Admin (GIA)
-
LB (Load Balancer) Admin (LBA)
-
LB Operator (LBO)
-
NETX (Network Introspection) Partner Admin (NIA)
Network Admin (NA)
Network Operator (NO)
Security Admin (SA)
-
Security Operator (SO)
-
Support Bundle Collector (SBC)
VPN Admin (VPNA)
The following table shows the permissions that each built-in role has for the different NSX Intelligence operations.
Operation |
EA |
A |
SA |
SO |
NA |
NO |
SBC |
GIA |
NIA |
LBA |
LBO |
VPNA |
---|---|---|---|---|---|---|---|---|---|---|---|---|
Activate the NSX Intelligence feature on the NSX Application Platform. |
FA |
R |
R |
R |
None |
None |
None |
None |
None |
None |
None |
None |
Cofigure NSX Intelligence data collection settings on hosts or cluster of hosts using |
FA |
R |
FA |
R |
None |
None |
None |
None |
None |
None |
None |
None |
Work with the | dashboard.FA | R | FA | R | None | None | None | None | None | None | None | None |
Configure the detectors in | .FA | R | FA | R | None | None | None | None | None | None | None | None |
Visualization of traffic flows using . |
FA |
R |
R |
R |
R |
R |
None |
None |
None |
None |
None |
None |
Work with NSX recommendations using . |
FA |
R |
FA |
R |
None |
None |
None |
None |
None |
None |
None |
None |
Generate a support bundle using . |
FA |
R |
None |
None |
None |
None |
FA |
None |
None |
None |
None |
None |
Upgrade the NSX Intelligence feature using the NSX Application Platform. |
FA |
R |
None |
None |
None |
None |
None |
None |
None |
None |
None |
None |
Search for flows using the Search bar. |
FA |
R |
R |
R |
R |
R |
None |
None |
None |
None |
None |
None |
Search for recommendation using the Search bar. |
FA |
R |
R |
R |
None |
None |
None |
None |
None |
None |
None |
None |