Assign the permissions to the service account svc-vrops-nsx that are required to access monitoring data from the NSX Manager in vRealize Operations Manager.

1. Log in to the NSX Manager by using a Secure Shell (SSH) client.
   1. Open an SSH connection to the NSX Manager virtual machine.

      NSX Manager	Host name
      NSX Manager for the ROBO cluster	nyc01r01nsx01.rainpole.local

   2. Log in using the following credentials.

      Setting	Value
      User name	admin
      Password	nsx_manager_admin_password

2. Create the svc-vrops-nsx local service account on the NSX Manager instance.
   1. Run the following command to switch to Privileged mode of NSX Manager.

      enable

   2. Enter the admin password when prompted and press Enter.
   3. Switch to Configuration mode.

      configure terminal

   4. Create the svc-vrops-nsx service account .

      user svc-vrops-nsx password plaintext svc-vrops-nsx_password

   5. Assign the svc-vrops-nsx user access to NSX Manager from the vSphere Web Client.

      user svc-vrops-nsx privilege web-interface

   6. Commit these updates to the NSX Manager.

      write memory

   7. Exit Configuration mode.

      exit

3. Assign the security_admin role to the svc-vrops-nsx service account.
   1. Log in to the Windows host that has access to your data center.
   2. Run the Postman application and log in.
   3. Select POST from the drop-down menu that contains the HTTP request methods.
   4. In the URL text box next to the selected method, enter the following URL.

      NSX Manager	POST URL
      NSX Manager for ROBO cluster	https://nyc01r01nsx01.rainpole.local/api/2.0/services/usermgmt/role/svc-vrops-nsx?isCli=true

   5. On the Authorization tab, configure the following authorization settings and click Update Request.

      Setting	Value
      Type	Basic Auth
      User name	admin
      Password	nsx_manager_admin_password

   6. On the Headers tab, enter the following header details.

      Setting	Value
      Key	Content-Type
      Value	text/xml

   7. In the Body tab, select raw, paste the following request in the Body text box and click Send.

      <accessControlEntry>
        <role>security_admin</role>
        <resource>
          <resourceId>globalroot-0</resourceId>
        </resource>
      </accessControlEntry>
      

      The Status changes to 204 No Content.