A user’s role defines the actions the user is allowed to perform on a given resource. The role determines the user’s authorized activities on the given resource, ensuring that a user has access only to the functions necessary to complete applicable operations. This allows domain control over specific resources, or system-wide control if your right has no restrictions.

The following rules are enforced:

  • A user can have only one role.

  • You cannot add a role to a user or remove an assigned role from a user. You can, however, change the assigned role for a user.

Table 1. NSX Manager User Roles

Right

Permissions

Enterprise Administrator

NSX operations and security.

NSX Administrator

NSX operations only: for example, install virtual appliances, configure port groups.

Security Administrator

NSX security only: for example, define data security policies, create port groups, create reports for NSX modules.

Auditor

Read only.

The Enterprise Administrator and NSX Administrator roles can be assigned only to vCenter users.