Assign the permissions to the service account svc-vrops-nsx that are required to access monitoring data from the NSX Manager instance for the management domain in vRealize Operations Manager.

Procedure

  1. In a Web browser, log in to vCenter Server by using the vSphere Client.
    Setting Value
    URL https://sfo01m01vc01.sfo01.rainpole.local/ui
    User name administrator@vsphere.local
    Password vsphere_admin_password
  2. In the VMs and templates inventory, expand the sfo01m01vc01.sfo01.rainpole.local tree and expand the sfo01-m01dc data center.
  3. Expand Management VMs folder, right-click the NSX Manager virtual machine, sfo01m01nsx01, and select Open remote console.
  4. At the command prompt, log in by using the following credentials.

    Setting

    Value

    User name

    admin

    Password

    nsx_admin_password

  5. Create the svc-vrops-nsx local service account on the NSX Manager instance.
    1. Run the command to switch to Privileged mode of NSX Manager.
      enable
    2. When prompted, enter the admin password and press Enter.
    3. Switch to Configuration mode.
      configure terminal
    4. Create the svc-vrops-nsx service account.
      user svc-vrops-nsx password plaintext svc-vrops-nsx_password
    5. Assign the svc-vrops-nsx service account user access to NSX Manager from the vSphere Web Client.
      user svc-vrops-nsx privilege web-interface
    6. Commit these updates to the NSX Manager.
      write memory
    7. Exit Configuration mode.
      exit
  6. Assign the security_admin role to the svc-vrops-nsx service account.
    1. Log in to the host machine that has access to your data center.
    2. Run the Postman application and log in.
    3. In the request pane, provide the URL query for the Management domain NSX Manager.

      Setting

      Value

      HTTP request method

      POST

      Request URL

      https://sfo01m01nsx01.sfo01.rainpole.local/api/2.0/services/usermgmt/role/svc-vrops-nsx?isCli=true

    4. On the Authorization tab, enter the authorization details.

      Setting

      Value

      Type

      Basic Auth

      User name

      admin

      Password

      nsx_admin_password

    5. On the Headers tab, enter the header details.

      Setting

      Value

      Key

      Content-Type

      Key value

      text/xml

    6. On the Body tab, select the Raw radio-button, and from the Text drop-down menu, select XML (Application/XML).
    7. In the Body text box, enter the following request body and click Send.
      <accessControlEntry>
        <role>security_admin</role>
        <resource>
          <resourceId>globalroot-0</resourceId>
        </resource>
      </accessControlEntry>
      

      The Status changes to 204 No Content.

  7. If there are workload domains with NSX Data Center for vSphere that are added to the SDDC, repeat the procedure for each Workload domain NSX Manager.