User roles determine what you can see and do in vRealize Automation Cloud Assembly. Some roles are defined at the organization level, and some are specific to vRealize Automation Cloud Assembly.

User Roles

User roles are defined for the organization in the vRealize Automation console by an organization owner. There are two types of roles, organization roles and service roles.

The organization roles are global and apply to all services in the organization. The organization-level roles are Organization owner or Organization Member role.

For more information about the organization roles, see Administering vRealize Automation.

The vRealize Automation Cloud Assembly service roles, which are service-specific permissions, are also assigned at the organization level in the console.

Table 1. Service Roles
Role Description
Cloud Assembly Administrator Must have read and write access to the entire user interface and API resources. This is the only user role that can see and do everything, including add cloud accounts, create new projects, and assign a project administrator.
Cloud Assembly User Any user who does not have the Cloud Assembly Administrator role.

In a vRealize Automation Cloud Assembly project, the administrator adds users to projects as project members. The administrator can also add a project administrator. The permission for these two roles are defined below.

Project roles and permissions

Project roles, project administrator and project member, are defined in vRealize Automation Cloud Assembly and can vary between projects.

In the following tables, where the permissions are defined, remember that the cloud administrator has full permission on all areas of the UI.

Project administrators leverage the infrastructure that is created by the cloud administrator to ensure that their project members have the resources they need for their development work.

Table 2. Project Administrator Permissions
Tab Node or Area View Create Modify/Delete
Infrastructure Configure - Projects Yes (only your projects) No Yes (only your projects)
Configure - Cloud Zones No No No
Configure - Flavor Mappings Yes No No
Configure - Image Mappings Yes No No
Configure - Network Profiles Yes No No
Configure - Storage Profiles Yes No No
Configure - Tags Yes No No
Resources - Compute Yes No No
Resources - Network Yes No No
Resources - Storage Yes No No
Resources - Machines Yes (only your projects) Yes Yes (only your projects)
Resources - Volumes
Activity - Requests Yes (only your projects) N/A Yes (only your projects)
Activity - Events Yes (only your projects) N/A Yes (only your projects)
Connections - Cloud Accounts No No No
Connections - Integrations No No
Connections - Cloud Proxies No No
Cost - VMC Assessment Yes No No
Cost - Private Clouds Yes No No
Onboarding No No
Blueprints Blueprints Yes (only for your projects) Yes (only for your projects) Yes (only for your projects)
Deployments Deployments Yes (only for your projects) N/A Yes (only for your projects)

The project members are usually developers who create and deploy blueprints.

Table 3. Project Member Permissions
Tab Node or Area View Create Modify/Delete
Infrastructure Configure - Projects Yes (only the projects you are a member of) No No
Configure - Cloud Zones No No No
Configure - Flavor Mappings Yes No No
Configure - Image Mappings Yes No No
Configure - Network Profiles Yes No No
Configure - Storage Profiles Yes No No
Configure - Tags Yes No No
Resources - Compute Yes No No
Resources - Network Yes No No
Resources - Storage Yes No No
Resources - Machines Yes (only the ones that you deployed) Yes Yes (only the ones that you deployed)
Resources - Volumes
Activity - Requests Yes (only the ones that you deployed) N/A Yes (only the ones that you deployed)
Activity - Events Yes (only the ones that you deployed) N/A Yes (only the ones that you deployed)
Connections - Cloud Accounts No No No
Connections - Integrations
Connections - Cloud Proxies
Cost - VMC Assessment Yes No No
Cost - Private Clouds Yes No No
Onboarding
Blueprints Blueprints Yes (only for your projects) Yes (only for your projects) Yes (only for your projects)
Deployments Deployments Yes (For just your deployments, unless the project deployments are share with all project members.) N/A Yes (For just your deployments, unless projects deployments are shared with all project members and you're entitled to run the day 2 actions.)