VMware Aria Automation 中的自訂使用者角色
VMware Aria Automation
中的自訂使用者角色作為
Automation Assembler
管理員,您可以建立自訂角色,以定義使用者可在 VMware Aria Automation
中查看的內容和執行的動作。然後,您可以將使用者指派給這些角色。 自訂使用者角色權限
Using
Automation Assembler
, you can define more
granular user roles and then assign users to those roles. The custom roles have two
categories, view and manage. - View. A user assigned to a role with this permission can see all the items for all projects in the selected sections of the user interface. This role is useful for users who need to see accounts, configurations, or assigned values.
- Manage. A user assigned to a role with this permission can see all the items and has full add, edit, and delete permissions for all projects in the selected sections of the user interface.
These permissions extend the privileges
that are granted by the other roles and are not restricted by project membership.
For example, you can expand a project administrator's permissions to manage parts of
the infrastructure or give a service viewer an ability to review and respond to
approvals requests.
如何建立自訂使用者角色
若要定義使用者角色並指派使用者,請以服務管理員身分開啟
Automation Assembler
或 Automation Service Broker
。您無法在 Automation Pipelines
中設定自訂角色,但這些角色會套用至所有服務。- 選取。
- 按一下新增自訂角色,然後輸入唯一的名稱,以便可以在將使用者指派給該角色時識別該名稱。
- 選取與希望使用者對資源擁有的權限對應的核取方塊。
- 按一下建立。
- 在清單中,按一下自訂角色名稱,然後按一下指派。
- 新增您希望具有此角色的使用者或群組,然後按一下新增。
如何確定使用者具有哪些自訂角色
若要管理具有自訂角色的使用者,可以檢閱使用者和群組。
- 選取。
- 檢閱 [自訂角色] 資料行以尋找具有該角色的使用者。
- 若要為使用者新增或移除角色,請按一下該使用者的名稱,然後修改自訂角色指派。
自訂角色說明
在大多數情況下,使用者介面中提供了角色說明。但是,下表提供了一些詳盡說明。
User Interface | Permission | Description |
|---|---|---|
Infrastructure
| ||
View Cloud Accounts. | View cloud accounts. | |
Manage Cloud Accounts | Create, update, or delete cloud accounts. | |
View Image Mappings | View image mappings. | |
Manage Image Mappings | Create, update, or delete image mappings. | |
View Flavor Mappings | View flavor mappings. | |
Manage Flavor Mappings | Create, update, or delete flavor mappings. | |
View Cloud Zones | View cloud zones,
Insights, and alerts. | |
Manage Cloud Zones | Create, update, or
delete cloud zones. Manage alerts. | |
View Requests | View activity requests. | |
Manage Requests | Delete requests from the list. | |
View Integrations | View integrations. | |
Manage Integrations | Create, update, or delete integrations. | |
View Projects | View projects. | |
Manage Projects | Create projects. Add users and assign roles in projects. Update,
or delete values from project summary, users, provisioning,
Kubernetes, integrations, and test project configurations. | |
View Onboarding Plans | View onboarding plans | |
Manage Onboarding Plans | Create, update, run, or delete onboarding plans | |
Catalog
| ||
View Content | ||
Manage Content | Add, update, delete content sources. Customize the
content, including the catalog icons and request
forms. | |
Policies
| ||
View Policies | View policy definitions. | |
Manage Policies | Create, update, or delete policy definitions. | |
Deployments
| ||
View Deployments | View all deployments,
including deployment details, deployment history, alerts, and
troubleshooting information. | |
Manage Deployments | View all deployments,
respond to alerts, and run all day 2 actions that the day 2
policies allow an administrator to run on deployments and
deployment components. | |
Cloud Templates
| ||
View Cloud
Templates | View cloud templates. | |
Manage Cloud
Templates | Create, update, test, delete, version, share cloud templates, and
release/unrelease a cloud template version. | |
Edit Cloud
Templates | Create, update, test, version, share cloud templates, and
release/unrelease a cloud template version. The role does not have
permission to delete cloud templates. | |
Deploy Cloud
Templates | Test and deploy any
cloud template in any project. | |
Deploy In-line Cloud
Template Content | Deploy any cloud
template in the projects that the assignees are associated with.
The project roles can be administrator, member, or viewer. | |
View property groups | View all property groups for all projects. | |
Manage property groups | Create, update, and delete property groups in any
project. | |
XaaS
| ||
View Custom Resources | View custom resources. | |
Manage Custom Resources | Create, update or delete custom resources. | |
View Resource Actions | View custom actions. | |
Manage Resource Actions | Create, update, or delete custom actions | |
Extensibility
| ||
View Extensibility Resources | View events, subscriptions, event topics, actions, workflows,
action runs, and workflow runs. | |
Manage Extensibility Resources | Create, update, delete, and deactivate extensibility
subscriptions.
Create, update, or delete extensibility actions. Cancel or
delete extensibility action runs. | |
Pipelines
| ||
Manage Pipelines | Create, edit, and delete pipeline, endpoint, variable, and
trigger configurations. Restricted models
are excluded. | |
Manage Restricted Pipelines | Create, edit, and delete pipeline, endpoint, variable, and
trigger configurations. Restricted models
are included. | |
Manage Custom Integrations | Add, edit, and delete custom integrations. | |
Execute Pipelines | Run pipeline model executions and triggers, and pause, cancel,
resume, or re-run the executions and triggers. | |
Execute Restricted Pipelines | Run pipeline model executions and triggers, and pause, cancel,
resume, or re-run the executions and triggers. Resolve restricted
endpoints and variables. | |
Manage Executions | Run pipeline model executions and triggers, and pause, cancel,
resume, or re-run the executions and triggers. Resolve restricted
endpoints and variables. Delete
executions. | |
Approvals
| ||
Manage Approvals | View the Approvals
tab where you can approve or reject approval requests. Approver with this
role will not receive an email notification about an approval
request unless they are an approver in the policy. |