This section describes feature access according to VMware user roles.

Operator-level SASE Orchestrator Features User Role Matrix

The following table lists the Operator-level user roles that have access to the SASE Orchestrator features.

  • R: Read
  • W: Write (Modify/Edit)
  • D: Delete
  • NA: No Access
SASE Orchestrator Feature Operator: Superuser Operator Operator: Standard Operator Partner: Business Specialist Partner: Customer Support Operator Super User Standard Admin Business Specialist Customer Support
Monitor Customers R R R R R R R R
Manage Customers RWD RWD RWD R RWD RWD RWD R

Manage Partners

RWD RWD RWD R NA NA NA NA
(Managing Edge) Software Images RWD RWD R R *See Note *See Note *See Note *See Note
System Properties RWD R NA R NA NA NA NA

Operator Events

R R NA R NA NA NA NA

Operator Profiles

RWD RWD R R NA NA NA NA

Operator Users

RWD R R R NA NA NA NA

Gateway Pools

RWD RW R R RWD RWD NA R
Gateways RWD RWD R R RW RW NA R

Gateway Diagnostic Bundle

RWD RWD R R NA NA NA NA

Application Maps

RWD RWD R R NA NA NA NA

CA Summary

RW R R R NA NA NA NA
Orchestrator Authentication RWD R NA R NA NA NA NA
Replication RW R NA R NA NA NA NA
Note: Operator superusers have "RWD" access to certificate related configurations and standard operators have Read-only access to certificate related configurations. These users can access the certificate related configurations at Configure > Edges from the navigation panel.*
Note: Enterprise users at all levels do not have access to the Operator-level features.

Partner-level SASE Orchestrator Features User Role Matrix

The following table lists the Partner-level user roles that have access to the SASE Orchestrator features.

  • R: Read
  • W: Write (Modify/Edit)
  • D: Delete
  • NA: No Access
SASE Orchestrator Feature Partner: Superuser

Partner: Standard Admin

Business Specialist Customer Support
Monitor Customers R R R R
Manage Customers RWD RWD RWD R
Events R R NA R
Admins RWD R NA R
Overview R R R R
Settings RW R R R
Gateway Pools RW RWD NA R
Gateways RW RW NA R

Enterprise-level SASE Orchestrator Features User Role Matrix

The following table lists the Enterprise-level user roles that have access to the SASE Orchestrator features.

  • R: Read
  • W: Write (Modify/Edit)
  • D: Delete
  • NA: No Access
SASE Orchestrator Feature Enterprise: Super User Enterprise: Standard Admin Customer Support Read Only
Monitor > Edges R R R R
Monitor > Network Services R R R R
Monitor > Routing R R R NA
Monitor > Alerts R R R NA
Monitor > Events R R R NA
Monitor > Reports RWD RWD R R
Configure > Edges RWD RWD R NA
Configure > Profiles RWD RWD R NA
Configure > Networks RWD RWD R NA
Configure > Segments RWD RWD R NA
Configure > Overlay Flow Control RWD RWD R NA
Configure > Network Services RWD RWD R NA
Configure > Alerts & Notifications RW RW R NA
Test & Troubleshoot > Remote Diagnostics RW RW RW NA
Test & Troubleshoot > Remote Actions RW RW RW NA
Test & Troubleshoot > Packet Capture RW RW RW NA
Test & Troubleshoot > Diagnostic Bundles RWD RWD RWD NA
Administration > System Settings RW RW RW NA
Administration > Administrators RW R R NA
Note: Operator users have complete access to the SASE Orchestrator features.