To ensure that users can run actions in vRealize Operations, you must configure user access to the actions.

You use role permissions to control who can run actions. You can create multiple roles. Each role can give users permissions to run different subsets of actions. Users who hold the administrator role or the default super user role already have the required permissions to run actions.

You can create user groups to add action-specific roles to a group rather than configuring individual user privileges.


  1. From the left menu, click Administration, and then click the Access Control tile.
  2. To create a role:
    1. Click the Roles tab.
    2. Click the Add icon, and enter a name and description for the role.
  3. To apply permissions to the role, select the role, and in the Permissions pane, click the Edit icon.
    1. Expand Environment, and then expand Action.
    2. Select one or more of the actions, and click Update.
  4. To create a user group:
    1. Click the User Groups tab, and click the Add icon.
    2. Enter a name for the group and a description, and click Next.
    3. Assign users to the group, and click the Objects tab.
    4. Select a role that has been created with permissions to run actions, and select the Assign this role to the user check box.
    5. Configure the object privileges by selecting each adapter instance to which the group needs access to run actions.
    6. Click Finish.

What to do next

Test the users that you assigned to the group. Log out, and log back in as one of the users. Verify that this user can run the expected actions on the selected adapter.