To perform specific operations, you require privileges associated with the specific role. VMware Telco Cloud Automation includes a set of system-defined roles and associated privileges. You cannot edit or delete them.

System-defined Privileges

The following tables list the system-defined privileges:
Table 1. System Wide Privileges
Privilege Included Privilege(s) Accessible Objects
System Admin - Administration privileges for all operations.
  • Role Admin
  • Role Audit
  • System Audit
  • Virtual Infrastructure Audit
  • Partner System Read
  • Network Service Instance Read
  • Network Service Catalog Read
  • Network Function Catalog Read
  • Network Function Instance Read
  • Virtual Infrastructure Admin
  • Virtual Infrastructure Consume
  • Network Function Catalog Design
  • Network Function Catalog Instantiate
  • Network Function Instance Lifecycle Management
  • Network Service Catalog Design
  • Network Service Catalog Instantiate
  • Network Service Instance Lifecycle Management
  • Partner System Admin
  • Infrastructure Lifecycle Management
  • Infrastructure Design
  • Tag Admin
All
System Audit - Read privileges for all operations.
  • Virtual Infrastructure Audit
  • Partner System Read
  • Network Service Instance Read
  • Network Service Catalog Read
  • Network Function Catalog Read
  • Network Function Instance Read
  • Role Audit
All
Role Admin - Administration privileges for all Roles operations.
  • Role Audit
Roles and Permissions
Role Audit - Read privileges for all Roles operations. Roles and Permissions
Tag Admin - Administration privileges for tag operations. Tags
Table 2. Virtual Infrastructure Privileges
Privilege Included Privileges Accessible Objects
Virtual Infrastructure Admin - Administration privileges for Infrastructure.
  • Virtual Infrastructure Audit
  • Virtual Infrastructure
Virtual Infrastrucuture Audit - Read privileges for Infrastructure.
  • Virtual Infrastructure
  • Kubernetes Cluster Instance
  • Kubernetes Cluster Template
Virtual Infrastructure Consume - Deploy privileges for VIM.
  • Virtual Infrastructure
Infrastructure Design - Design privileges for CaaS cluster templates.
  • Kubernetes Cluster Template
Infrastructure Lifecycle Management - Lifecycle management privileges for CaaS cluster instances.
  • Virtual Infrastructure Consume
  • Virtual Infrastructure Audit
  • Infrastructure Design
  • Kubernetes Cluster Instance
Table 3. Partner System Privileges
Privilege Included Privileges Accessible Objects
Partner System Read - Read privileges for Partner Systems.
  • Virtual Infrastructure
Partner System Admin - Administration privileges for Partner Systems.
  • Partner System Read
  • Network Function Catalog Read
  • Virtual Infrastructure Audit
  • Virtual Infrastructure
Table 4. Network Function Catalog Privileges
Privilege Included Privileges Accessible Objects
Network Function Catalog Design - Design privileges for Network Function Catalog.
  • Network Function Catalog Read
  • Network Function Catalog
Network Function Catalog Read - Read privileges for Network Function Catalog.
  • Network Function Catalog
Network Function Catalog Instantiate - Instantiation privileges for Network Function Catalog.
  • Network Function Catalog Read
  • Virtual Infrastructure Consume
  • Virtual Infrastructure Audit
  • Network Function Instance Read
  • Network Function Catalog
Table 5. Network Function Instance Privileges
Privilege Included Privileges Accessible Objects
Network Function Instance Read - Read privileges for Network Function Instance.
  • Network Function Instance
  • Network Function Catalog
Network Function Instance Lifecycle Management - Lifecycle management privileges for Network Function Instance.
  • Network Function Instance Read
  • Network Function Catalog Instantiate
  • Network Function Catalog Read
  • Virtual Infrastructure Consume
  • Virtual Infrastructure Audit
  • Network Function Instance
Table 6. Network Service Catalog Privileges
Privilege Included Privileges Accessible Objects
Network Service Catalog Design - Design privileges for Network Service Catalog.
  • Network Service Catalog Read
  • Network Function Catalog Read
  • Network Service Catalog
Network Service Catalog Read - Read privileges for Network Service Catalog.
  • Network Function Catalog Read
  • Network Service Catalog
Network Service Catalog Instantiate - Instantiation privileges for Network Service Catalog.
  • Network Service Catalog Read
  • Network Function Catalog Read
  • Virtual Infrastructure Consume
  • Virtual Infrastructure Audit
  • Network Function Instance Read
  • Network Service Instance Read
  • Network Service Catalog
Table 7. Network Service Instance Privileges
Privilege Included Privileges Accessible Objects
Network Service Instance Lifecycle Management - Lifecycle Management privileges for Network Service Instance.
  • Network Service Catalog Instantiate
  • Network Service Catalog Read
  • Network Function Catalog Read
  • Virtual Infrastructure Consume
  • Virtual Infrastructure Audit
  • Network Function Instance Read
  • Network Function Catalog Instantiate
  • Network Service Instance
Network Service Instance Read - Read privileges for Network Service Instance.
  • Network Service Instance
  • Network Service Catalog

System-defined Roles

The following table lists the system-defined roles.
Role Privileges
System Administrator

The users assigned to this role can perform all the available actions in VMware Telco Cloud Automation.

  • Role Admin
  • System Audit
  • Virtual Infrastructure Audit
  • Virtual Infrastructure Admin
  • Virtual Infrastructure Consume
  • Infrastructure Design
  • Infrastructure Lifecycle Management
  • Network Function Catalog Design
  • Network Function Catalog Read
  • Network Function Catalog Instantiate
  • Network Function Instance Read
  • Network Function Instance Lifecycle Management
  • Network Service Catalog Design
  • Network Service Catalog Read
  • Network Service Catalog Instantiate
  • Network Service Instance Read
  • Network Service Instance Lifecycle Management
  • Partner System Read
  • Partner System Admin
  • Role Audit
Network Function Designer

The users assigned to this role can perform all the network function actions such as designing, uploading, and managing the Network Function Catalogs.

  • Network Function Catalog Read
  • Network Function Instance Read
Network Function Deployer

The users assigned to this role can perform all the network function actions related to the life-cycle management operations such as Instantiate, Scale, Heal, and other actions available on a Network Function instance.

  • Network Function Instance Read
  • Network Function Catalog Instantiate
  • Network Function Catalog Read
  • Virtual Infrastructure Consume
  • Virtual Infrastructure Audit
  • Network Function Instance Lifecycle Management
Virtual Infrastructure Administrator

The users assigned to this role can perform all the virtual infrastructure-related actions in VMware Telco Cloud Automation.

  • Virtual Infrastructure Audit
  • Virtual Infrastructure Admin
  • Virtual Infrastructure Consume
  • Infrastructure Design
  • Infrastructure Lifecycle Management
Virtual Infrastructure Auditor

The users assigned to this role can view all the virtual infrastructure entities in VMware Telco Cloud Automation.

Virtual Infrastructure Audit
Network Service Designer

The users assigned to this role can perform all the network service actions such as designing, uploading, and managing the Network Service Catalogs.

  • Network Service Catalog Design
  • Network Service Catalog Read
  • Network Function Catalog Read
Network Service Deployer

The users assigned to this role can perform all the network service actions related to the life-cycle management operations such as Instantiate, Scale, Heal, and other actions available on a Network Service instance.

  • Network Service Instance Read
  • Network Service Catalog Instantiate
  • Network Service Catalog Read
  • Network Function Instance Read
  • Virtual Infrastructure Consume
  • Network Function Catalog Read
  • Network Function Catalog Instantiate
  • Virtual Infrastructure Audit
  • Network Service Instance Lifecycle Management
  • Network Function Instance Lifecycle Management
System Auditor

The users assigned to this role can view all the entities in VMware Telco Cloud Automation.

  • System Audit
  • Virtual Infrastructure Audit
  • Network Service Instance Read
  • Network Service Catalog Read
  • Network Function Catalog Read
  • Network Function Instance Read
  • Partner System Read
  • Role Audit
Role Administrator

The users assigned to this role can perform all the object access control related actions in VMware Telco Cloud Automation.

  • Role Admin
  • Role Audit
Partner System Administrator

The users assigned to this role can perform all the partner system-related actions in VMware Telco Cloud Automation.

  • Partner System Read
  • Partner System Admin
  • Network Function Catalog Read
  • Virtual Infrastructure Audit
Partner System Read Only

The users assigned to this role can view all the partner system entities in VMware Telco Cloud Automation.

Partner System Read
Role Auditor

The users assigned to this role can view all the object access control related roles and permissions in VMware Telco Cloud Automation.

Role Audit