5.1 User Roles
When vCloud Availability extension is registered, a new vSphere Replication role and rights are created in vCloud Director:
Figure 15. vCloud Director vSphere Replication Role
The Organization Administrator does not have these rights assigned by default.
Cloud proxy-related rights (To-the-Cloud Tunnel and From-the-Cloud Tunnel) are also present in vCloud Director and are already assigned to the Organization Administrator.
Figure 16. Cloud Proxy-Related Rights
When the tenant is configuring its vCloud Availability for vCloud Director replication endpoint, he can enter two different credentials—one for administration and another for monitoring.
Figure 17. Tenant Connection Setting Dialog
To support two different roles the changes in the following table should be made to default vCloud Director roles.
Table 13. vCloud Director Role Adjustments
Role | Changes |
Organization Administrator (existing role) | Add: {com.vmware.vr}.ManageRight {com.vmware.vr}:ViewRight |
Replication Monitoring (new role) | Organizations – View Organization Networks Organizations – View Organizations Organization VDC – View Organization VDCs {com.vmware.vr}:ViewRight {com.vmware.vr}:ManageRight |