Create a custom role to manage specific VMs
A custom role can allow the administrator to manage specific VMs. You can choose to manage permissions for the VMs from the VMware Cloud Director or the VMware vSphere (vCenter) object hierarchies. Use this role if you do not want users to have the Default VMware Administrator role. See the following topic for requirements to create an RBAC role.
See RBAC roles for the VMware administrator.
To create a custom role to manage specific VMs
- On the left, select Security > RBAC and select Add.
- Select Default VMware Administrator and select Next.
- Provide a Role name and a description.
For example, include a description that the role allows users to manage the names of specific VMs.
- Under Workloads, select Edit.
- Clear the option Apply permissions to all existing and future VMware assets.
- Select Add.
- On the left, expand the tree hierarchy. Then on the right pane select the VMs to which you want to grant access.
- Select Assign.
- Under Users, select Edit. Then add the users that you want to have this RBAC role.
- Select Assign.
- When you are done configuring the role, select Add role.
Continue with the following steps to add additional RBAC permissions to the VMware server the RBAC role users can perform restores.
- On the left, select Workloads > VMware.
- Select the VMware servers tab.
- On the right, locate the vCenter or the Datacenter where the virtual machines reside. Then select Actions > Manage permissions.
- Select Add.
- From the list select the new role that you created in step 1.
- From the Permissions list, select the permission View restore targets.
- Select Save.