To perform specific operations, you require privileges associated with the specific role. VMware Telco Cloud Automation includes a set of system-defined roles and associated privileges. You cannot edit or delete them.

Privileges and Roles

The following tables list the system-defined privileges and roles:

Table 1. System-Defined Privileges
Privilege Included Privileges Accessible Objects
System Admin

Administrative privileges for all operations.

  • Role Admin
  • System Audit
  • Virtual Infrastructure Audit
  • Virtual Infrastructure Admin
  • Virtual Infrastructure Consume
  • Infrastructure Design
  • Infrastructure Lifecycle Management
  • Network Function Catalog Design
  • Network Function Catalog Read
  • Network Function Catalog Instantiate
  • Network Function Instance Read
  • Network Function Instance Lifecycle Management
  • Network Service Catalog Design
  • Network Service Catalog Read
  • Network Service Catalog Instantiate
  • Network Service Instance Read
  • Network Service Instance Lifecycle Management
  • Partner System Read
  • Partner System Admin
  • Role Audit
  • Network Function Catalog
  • Network Service Catalog
  • Virtual Infrastructure
  • Network Function Instance
  • Network Service Instance
  • Kubernetes Cluster Template
  • Kubernetes Cluster Instance

Virtual Infrastructure Admin

Administrative privileges for VIM.

Virtual Infrastructure Audit
  • Virtual Infrastructure
  • Kubernetes Cluster Template
  • Kubernetes Cluster Instance

Virtual Infrastructure Audit

Read privileges for VIM.

  • Virtual Infrastructure
  • Kubernetes Cluster Template
  • Kubernetes Cluster Instance
Infrastructure Design

Design privileges for the CaaS cluster templates.

Kubernetes Cluster Template
Infrastructure Lifecycle Management

Lifecycle management privileges for the CaaS cluster instances. The included privileges are Virtual Infrastructure Consume and Infrastructure Design.

  • Kubernetes Cluster Template
  • Kubernetes Cluster Instance

Partner System Admin

Administrative privileges for partner systems.

  • Partner System Read
  • Network Function Catalog Read
  • Virtual Infrastructure Audit
Partner System

Virtual Infrastructure Consume

Deploy privileges for VIM.

Virtual Infrastructure Audit Virtual Infrastructure

Network Function Catalog Design

Design privileges for Network Function Catalog.

Network Function Catalog Read Network Function Catalog

Network Function Catalog Read

Read privileges for Network Function Catalog.

Network Function Catalog

Network Function Catalog Instantiate

Instantiation privileges for Network Function Catalog

  • Network Function Catalog Read
  • Virtual Infrastructure Consume
  • Network Function Instance Read
Network Function Catalog

Network Function Instance Read

Read privileges for Network Function Instance.

  • Network Function Instance
  • Network Function Catalog

Network Function Instance Lifecycle Management

Lifecycle management privileges for Network Function Instance.

  • Network Function Instance Read
  • Network Function Catalog Instantiate
  • Network Function Catalog Read
  • Virtual Infrastructure Consume
Network Function Instance

Network Service Catalog Design

Design privileges for Network Service Catalog.

  • Network Service Catalog Read
  • Network Function Catalog Read
Network Service Catalog

Network Service Catalog Read

Read privileges for Network Service Catalog.

Network Function Catalog Read Network Service Catalog

Network Service Catalog Instantiate

Instantiation privileges for Network Service Catalog.

  • Network Service Catalog Read
  • Virtual Infrastructure Consume
  • Network Function Instance Read
  • Network Service Instance Read
Network Service Catalog

Network Service Instance Read

Read privileges for Network Service Instance.

  • Network Service Instance
  • Network Service Catalog

Network Service Instance Lifecycle Management

Lifecycle Management privileges for Network Service Instance.

  • Network Service Instance Read
  • Network Service Catalog Instantiate
  • Network Function Catalog Read
  • Network Function Instance Read
  • Virtual Infrastructure Consume
  • Network Function Catalog Read
  • Network Function Catalog Instantiate
Network Service Instance

System Audit

Read privileges for all operations.

  • Virtual Infrastructure Audit
  • Partner System Read
  • Network Service Instance Read
  • Network Service Catalog Read
  • Network Function Instance Read
  • Network Function Catalog Read
  • Role Audit
  • Network Function Instance
  • Network Service Instance
  • Virtual Infrastructure
  • Network Function Catalog
  • Network Service Catalog

Role Admin

Administration privileges for all roles operations.

Role Audit
Role Audit

Read privileges for all Role operations.

Table 2. System Defined Roles
Role Privileges
System Administrator

The users assigned to this role can perform all the available actions in VMware Telco Cloud Automation.

  • Role Admin
  • System Audit
  • Virtual Infrastructure Audit
  • Virtual Infrastructure Admin
  • Virtual Infrastructure Consume
  • Infrastructure Design
  • Infrastructure Lifecycle Management
  • Network Function Catalog Design
  • Network Function Catalog Read
  • Network Function Catalog Instantiate
  • Network Function Instance Read
  • Network Function Instance Lifecycle Management
  • Network Service Catalog Design
  • Network Service Catalog Read
  • Network Service Catalog Instantiate
  • Network Service Instance Read
  • Network Service Instance Lifecycle Management
  • Partner System Read
  • Partner System Admin
  • Role Audit
Network Function Designer

The users assigned to this role can perform all the network function actions such as designing, uploading, and managing the Network Function Catalogs.

  • Network Function Catalog Read
  • Network Function Instance Read
Network Function Deployer

The users assigned to this role can perform all the network function actions related to the life-cycle management operations such as Instantiate, Scale, Heal, and other actions available on a Network Function instance.

  • Network Function Instance Read
  • Network Function Catalog Instantiate
  • Network Function Catalog Read
  • Virtual Infrastructure Consume
  • Virtual Infrastructure Audit
  • Network Function Instance Lifecycle Management
Virtual Infrastructure Administrator

The users assigned to this role can perform all the virtual infrastructure-related actions in VMware Telco Cloud Automation.

  • Virtual Infrastructure Audit
  • Virtual Infrastructure Admin
  • Virtual Infrastructure Consume
  • Infrastructure Design
  • Infrastructure Lifecycle Management
Virtual Infrastructure Auditor

The users assigned to this role can view all the virtual infrastructure entities in VMware Telco Cloud Automation.

Virtual Infrastructure Audit
Network Service Designer

The users assigned to this role can perform all the network service actions such as designing, uploading, and managing the Network Service Catalogs.

  • Network Service Catalog Design
  • Network Service Catalog Read
  • Network Function Catalog Read
Network Service Deployer

The users assigned to this role can perform all the network service actions related to the life-cycle management operations such as Instantiate, Scale, Heal, and other actions available on a Network Service instance.

  • Network Service Instance Read
  • Network Service Catalog Instantiate
  • Network Service Catalog Read
  • Network Function Instance Read
  • Virtual Infrastructure Consume
  • Network Function Catalog Read
  • Network Function Catalog Instantiate
  • Virtual Infrastructure Audit
  • Network Service Instance Lifecycle Management
  • Network Function Instance Lifecycle Management
System Auditor

The users assigned to this role can view all the entities in VMware Telco Cloud Automation.

  • System Audit
  • Virtual Infrastructure Audit
  • Network Service Instance Read
  • Network Service Catalog Read
  • Network Function Catalog Read
  • Network Function Instance Read
  • Partner System Read
  • Role Audit
Role Administrator

The users assigned to this role can perform all the object access control related actions in VMware Telco Cloud Automation.

  • Role Admin
  • Role Audit
Partner System Administrator

The users assigned to this role can perform all the partner system-related actions in VMware Telco Cloud Automation.

  • Partner System Read
  • Partner System Admin
  • Network Function Catalog Read
  • Virtual Infrastructure Audit
Partner System Read Only

The users assigned to this role can view all the partner system entities in VMware Telco Cloud Automation.

Partner System Read
Role Auditor

The users assigned to this role can view all the object access control related roles and permissions in VMware Telco Cloud Automation.

Role Audit