The three-level authorization model of vCenter Server maps to local roles and to vCenter Single Sign-On groups, depending on how the user authenticated. This model allows consistent security control regardless of operational context.
The authorization levels map to group and role.
| Authorization Level | vCenter Single Sign-On Group | vCenter Server Local Role |
|---|---|---|
| operator | SystemConfiguration.Administrators | operator |
| administrator | SystemConfiguration.Administrators | admin |
| superAdministrator | SystemConfiguration.BashShellAdministrators | superAdmin |
When a super administrator adds user accounts, the options available include a choice of the role to assign to the new user.
