RBAC roles for the VMware administrator
NetBackup enables control over which users can access which VMware resources using Role Based Access Control (RBAC). You can grant RBAC access globally (to all VMware assets), at the individual VMware server level, or based on specific objects in the VMware object hierarchies.
The Default VMware Administrator role has access to all VMware assets (global). With this role the administrator can also manage credentials for a vCenter, ESX server, etc. (These credentials are managed on the VMware servers tab in .)
In addition, you may need other custom roles to give additional access to your VMware administrators.
A role that gives a VMware administrator access to a guest VM credential. This way, the user can perform an agentless files and folder recovery to the guest VM without having the VM's username and password.
See Provide access to a credential for agentless single file recovery to a guest VM.
A role that is restricted to a single datacenter in a vCenter.
A role to manage an Organization VDC (OrgVDC).
See Create a custom role for an Organization VDC administrator.
A role that is restricted to an individual VM or VMs.
Note the following:
To create an RBAC role, you must have the RBAC Administrator role or the permissions to create roles.
To create a credential, you must have the RBAC Administrator role or a role that has permissions to create credentials. The role can assign a credential to a user, but cannot create a credential in credential management.
Contact your NetBackup administrator for assistance with creating roles and credentials.
An RBAC role can be configured with access only on a vCloud Director server or on objects in the vCloud Director hierarchy. Users with this role are not able to see jobs in the Activity monitor.