This section describes feature access according to VMware user roles.
Operator-level SASE Orchestrator Features User Role Matrix
The following table lists the Operator-level user roles that have access to the SASE Orchestrator features.
- R: Read
- W: Write (Modify/Edit)
- D: Delete
- NA: No Access
SASE Orchestrator Feature | Operator: Superuser Operator | Operator: Standard Operator | Partner: Business Specialist | Partner: Customer Support Operator | Super User | Standard Admin | Business Specialist | Customer Support |
---|---|---|---|---|---|---|---|---|
Monitor Customers | R | R | R | R | R | R | R | R |
Manage Customers | RWD | RWD | RWD | R | RWD | RWD | RWD | R |
Manage Partners |
RWD | RWD | RWD | R | NA | NA | NA | NA |
(Managing Edge) Software Images | RWD | RWD | R | R | *See Note | *See Note | *See Note | *See Note |
System Properties | RWD | R | NA | R | NA | NA | NA | NA |
Operator Events |
R | R | NA | R | NA | NA | NA | NA |
Operator Profiles |
RWD | RWD | R | R | NA | NA | NA | NA |
Operator Users |
RWD | R | R | R | NA | NA | NA | NA |
Gateway Pools |
RWD | RW | R | R | RWD | RWD | NA | R |
Gateways | RWD | RWD | R | R | RW | RW | NA | R |
Gateway Diagnostic Bundle |
RWD | RWD | R | R | NA | NA | NA | NA |
Application Maps |
RWD | RWD | R | R | NA | NA | NA | NA |
CA Summary |
RW | R | R | R | NA | NA | NA | NA |
Orchestrator Authentication | RWD | R | NA | R | NA | NA | NA | NA |
Replication | RW | R | NA | R | NA | NA | NA | NA |
Note: Operator superusers have "RWD" access to certificate related configurations and standard operators have Read-only access to certificate related configurations. These users can access the certificate related configurations at
Configure > Edges from the navigation panel.*
Note: Enterprise users at all levels do not have access to the Operator-level features.
Partner-level SASE Orchestrator Features User Role Matrix
The following table lists the Partner-level user roles that have access to the SASE Orchestrator features.
- R: Read
- W: Write (Modify/Edit)
- D: Delete
- NA: No Access
SASE Orchestrator Feature | Partner: Superuser | Partner: Standard Admin |
Business Specialist | Customer Support |
---|---|---|---|---|
Monitor Customers | R | R | R | R |
Manage Customers | RWD | RWD | RWD | R |
Events | R | R | NA | R |
Admins | RWD | R | NA | R |
Overview | R | R | R | R |
Settings | RW | R | R | R |
Gateway Pools | RW | RWD | NA | R |
Gateways | RW | RW | NA | R |
Enterprise-level SASE Orchestrator Features User Role Matrix
The following table lists the Enterprise-level user roles that have access to the SASE Orchestrator features.
- R: Read
- W: Write (Modify/Edit)
- D: Delete
- NA: No Access
SASE Orchestrator Feature | Enterprise: Super User | Enterprise: Standard Admin | Customer Support | Read Only |
---|---|---|---|---|
Monitor > Edges | R | R | R | R |
Monitor > Network Services | R | R | R | R |
Monitor > Routing | R | R | R | NA |
Monitor > Alerts | R | R | R | NA |
Monitor > Events | R | R | R | NA |
Monitor > Reports | RWD | RWD | R | R |
Configure > Edges | RWD | RWD | R | NA |
Configure > Profiles | RWD | RWD | R | NA |
Configure > Networks | RWD | RWD | R | NA |
Configure > Segments | RWD | RWD | R | NA |
Configure > Overlay Flow Control | RWD | RWD | R | NA |
Configure > Network Services | RWD | RWD | R | NA |
Configure > Alerts & Notifications | RW | RW | R | NA |
Test & Troubleshoot > Remote Diagnostics | RW | RW | RW | NA |
Test & Troubleshoot > Remote Actions | RW | RW | RW | NA |
Test & Troubleshoot > Packet Capture | RW | RW | RW | NA |
Test & Troubleshoot > Diagnostic Bundles | RWD | RWD | RWD | NA |
Administration > System Settings | RW | RW | RW | NA |
Administration > Administrators | RW | R | R | NA |
Note: Operator users have complete access to the
SASE Orchestrator features.