Assign NSX Service Roles to Organization
Members
Grant users in your organization an NSX
service role to allow them to view or configure features on the Networking & Security
tab.
You must be an Organization Owner to assign a role to
an organization member.
Organization roles specify the privileges
that an organization member has over organization assets. Service roles specify the
privileges that an organization member has when accessing VMware Cloud Services that
the organization uses. All service roles can be assigned and changed by a user with
organization owner privileges, so restrictive roles such as Administrator (Delete
Restricted) or NSX Cloud Auditor should be assigned along with the role of
organization member to prevent modification.
A user must log out and then log back in for
a new service role to take effect.
- Log in to theVMC GovCloud Consoleat https://www.vmc-us-gov.vmware.com/.
- Click the services icon and selectIdentity & Access Management.
- SelectActive Usersand click a user.
- ClickEdit Roles.
- Select a role name from theAssign Organization Rolesdrop-down control.The following roles are available:
- Organization Owner
- This role has full rights to manage organization members and assets.
- Organization Member
- This role has rights to access organization assets.
- Select theVMware Cloud on AWSservice name underAssign Service Roles.
- Select an NSX service role to assign.The following NSX service roles are available:
- NSX Cloud Auditor
- This role can view NSX service settings and events but cannot make any changes to the service.
- NSX Cloud Admin
- This role can perform all tasks related to deployment and administration of the NSX service.
When multiple service roles are assigned to an organization user, permissions are granted for the most permissive role. For example, an organization member who has both the NSX Cloud Admin and NSX Cloud Auditor roles is granted all the NSX Cloud Admin permissions, which include those granted to the NSX Cloud Auditor role. - ClickSAVEto save your changes.
Ensure that any users whose roles were
changed log out and log back in for the changes to take effect.