How to create new users to access the portal and define roles in Performance Cloud VMware (NSX-T)
TABLE OF CONTENTS
- Notes
- Built-in Roles Definition
- How to create a custom user role
- How to create new users to access the portal
- References
Notes
By default, one (1) Organization Administrator is created when the Performance Cloud VMware service is enabled.
If you currently use an external identity manager to access the Performance Cloud VMware portal, like Microsoft Entra ID, you may not need to follow this article to create users to access the portal. Refer to this article for more information about using a SAML Identity Provider to access the portal.
Predefined user roles are read-only. If these roles don't meet your needs, you can create custom roles to assign to users. Be careful when working with roles. Be sure to always keep one (1) Organization Administrator.
Built-in Roles Definition
- Catalog Author
Most features are hidden for Catalog Authors. Users with this role cannot see virtual machines or vApps. The rights associated with the predefined Catalog Author role allow a user to create and publish catalogs including the upload of ISO files and the import of OVF/OVA templates. - Console Access Only
Users with this role has read-only permissions on virtual machines and vApps (cannot change VMs resources and cannot even power on VMs). This is the minimum right required to access a running virtual machine console and use a guest operating system through the portal. Once the VM console opened, the user can use proper local or network credentials, configured inside virtual machines guest OS or Active Directory. - vApp User
The rights associated with the predefined vApp User role allow a user to use existing vApps. vApp Users have read-write access on vApps and virtual machines on which the user is set as an owner. Useful to delegate management to only some vApps and virtual machines. - vApp Author
The rights associated with the predefined vApp Author role allow a user to use catalogs and create vApps. vApp Authors have same rights as vApp Users but can also create new vApps.and virtual machines using ISO files or templates published in a catalog (as long as the catalog is properly shared)
- Organization Administrator
Default role with the main features enabled. Users with this role can create / delete / modify vApps, virtual machines, networks, firewall rules, catalogs. Organization Administrators can also access the Administration tab (including creation of users and custom roles) and the tab named “Data Protection with Veeam” to manage backups. - Organization Administrator + API Explorer
Same rights as the Organization Administrator role with the API Explorer feature enabled.
This role will only be displayed if you asked us to enable the API Explorer. See this article for details.
How to create a custom user role
METHOD 1 – CREATION
- Login to the Performance Cloud VMware portal using your credentials.
- Click on the Administration tab
- Under Access Control, click on Roles, and then on NEW.
- Name your new role and enter a description.
Browse the various categories and check the desired permissions for this role.
Then click on SAVE.
Example:
METHOD 2 – CLONE
- Login to the Performance Cloud VMware portal using your credentials.
- Click on the Administration tab
- Under Access Control, click on Roles, then select a source role and click on CLONE.
- Edit the name and description of the new role.
Browse the various categories and customize the permissions for the new role and click on SAVE.
How to create new users to access the portal
- Login to the Performance Cloud VMware portal using your credentials.
- Click on the Administration tab
- Under Access Control, click on Users, and then on NEW.
- At a minimum, enter the username, the password twice and the desired role for the new user. The username can be an email address.
If you plan to use quota, you can let the feature enabled and set the desired quota for the user at the bottom.
If you do not plan to use quota, you can disable the feature on users.
Then, click on SAVE.
For more users to create, repeat steps 3 & 4.
You can now login to the Performance Cloud VMware portal using new users.
References