The list below includes the permissions related to vCloud Director resources.

  • Users with the Administrator role in OnApp have vCloud Director related permissions enabled by default. They can create and manage vCloud Director resources if there is a vCloud Director compute resource in the cloud.
  • The vCloud Director permissions list is not updated in OnApp for custom roles imported from vCD.

List of Permissions

Catalogs

OnApp administrators can control users' ability to manage vCloud Director catalogs through the Control Panel's Roles menu. You can set the following catalogs permissions for user roles:

  • Any action on Catalogs - the user can take any action on catalogs
  • Create a new Catalog - the user can create new catalogs
  • Delete any Catalog - the user can delete any catalog
  • Delete own Catalogs - the user can only delete own catalogs
  • Read any Catalog - the user can see the the list of all catalogs
  • Read own Catalogs - the user can only see own catalogs
  • Read public Catalogs - the user can view shared catalogs form other user groups
  • Update any Catalog - the user can edit any catalog

For details, refer to the Catalogs section.

Buckets

OnApp administrators can control users' ability to manage the buckets. This is handled through the Control Panel's Roles menu. You can set the following bucket permissions for user roles:

  • Any action on buckets - the user can take any action on any bucket
  • Create a new bucket - the user can create a new bucket
  • Delete any bucket - the user can delete any bucket
  • See list of all buckets - the user can see list of all buckets
  • See details of any bucket - the user can see details of any bucket
  • See own bucket - the user can only see own bucket
  • Update any bucket - the user can edit any bucket

For details, refer to the vCloud Director Buckets section.

Dashboard

OnApp administrators can control users' access to the dashboard through the Control Panel's Roles menu. You can set the following vCloud Director dashboard permissions for user roles:

  • Show vCloud dashboard - the user can see vCloud Director details on the dashboard

Edge Gateways

OnApp administrators can control users' ability to manage vCloud Director edge gateways through the Control Panel's Roles menu. You can set the following edge gateway permissions for user roles:

  • Any action on edge gateways - the user can take any action on edge gateways
  • Manage Advanced Edge Gateway Services - the user can manage advanced edge gateway services
  • Create new edge gateways - the user can create new edge gateways
  • Delete any edge gateways - the user can delete any edge gateways
  • Delete own edge gateways - the user can delete only own edge gateways
  • Manage Services in vCD UI - the user has access to the Services tab at Control Panel > Edge Gateways > Label.
  • Read any edge gateways - the user can see the list of all edge gateways
  • Read own edge gateways - the user can only see own edge gateways
  • Update any edge gateways - the user can update any edge gateways
  • Update own edge gateways - the user can update only own edge gateways

For details, refer to the Manage Edge Gateways section.

Nat Rules

OnApp administrators can control users' ability to manage vCloud Director nat rules. This is handled through the Control Panel's Roles menu. You can set the following vCloud Director nat rules permissions for user roles:

  • Any action on nat rules - the user can take any action on nat rules
  • Create nat rules - the user can create a nat rule in any edge gateway
  • Delete any nat rule - the user can delete any nat rule
  • Delete own nat rules - the user can delete only own nat rules
  • See any nat rule - the user can see all nat rules
  • See own nat rules - the user can see only own nat rules
  • Edit any nat rule - the user can edit all nat rules
  • Edit own nat rules - the user can edit only own nat rules

For details, refer to the Nat Rules section.

Orchestration Models

OnApp administrators can control users' ability to manage orchestration models through the Control Panel's Roles menu. You can set the following orchestration models permissions for user roles:

  • Create new Orchestration Model - the user can create a new orchestration model
  • Delete any Orchestration Model  - the user can delete any orchestration model
  • Deploy any Orchestration Model - the user can deploy any orchestration model
  • Read any Media - the user can see any orchestration model

For details, refer to the Orchestration Models section.

Org Networks

OnApp administrators control how users can manage org networks. This is handled through the Control Panel's Roles menu. You can set the following org network permissions for user roles:

  • Any action on  org networks - the user can take any action on org networks
  • Create a new org network - the user can create a new org network of any type
  • Create a new bridged org network - the user can create a new direct org network 
  • Create a new isolated org network - the user can create a new isolated org network 
  • Create a new routed org network - the user can create a new routed org network 
  • Destroy any org network - the user can delete any org network
  • See all org networks - the user can see all org networks
  • Update any org network - the user can edit any org network

For details, refer to the Organization Networks section.

Payments

OnApp administrators control how users can manage company payments. This is handled through the Control Panel's Roles menu. You can set the following company payments permissions for user roles:

  • See own company payments - the user can only see their own company payments

For details, refer to the Payments section.

Provider Resource Pools

OnApp administrators control whether users can view vCloud Director provider resource pools. This is handled through the Control Panel's Roles menu. You can set the following provider resource pool permissions for user roles:

  • Any action on Provider Resource Pools - the user can take any action on provider resource pools
  • Read any Provider Resource Pool - the user can view any provider resource pool

For details, refer to the Provider Resource Pools section.

Resource Pool

OnApp administrators control how users can manage vCloud Director resource pools. This is handled through the Control Panel's Roles menu. You can set the following resource pool permissions for user roles:

  • Any action on Resource Pools - the user can take any action on resource pools
  • Create a new Resource Pool - the user can create a new Resource Pool
  • Delete any Resource Pools - the user can delete any resource pool
  • Read any Resource Pool - the user can see the list of all resource pools
  • Update any Resource Pool - the user can edit any Resource Pool

For details, refer to the Resource Pool section.

Resource Pool Statistics

OnApp administrators control how users can manage vCloud Director resource pool statistics. This is handled through the Control Panel's Roles menu. You can set the following resource pool statistics permissions for user roles:

  • Any action on resource pool statistics - the user can take any action on any resource pool statistics
  • See all resource pools statistics - the user can see statistics for all resource pools
  • See own resource pools statistics - the user can see statistics for own resource pools only

For details, refer to the Resource Pool Statistics section.

vApps

OnApp administrators can control users' ability to manage vApps. This is handled through the Control Panel's Roles menu. You can set the following vApps permissions for user roles:

  • Any action on vApps – the user can take any action on vApps
  • Assign recipes to VS – the user can assign provisioning recipes to Virtual Server on vApp deployment
  • Change vApp owner - the user can change the owner of a vApp
  • Compose vApp - the user can compose a vApp from vApp Templates
    Convert vApp – the user can convert vApp into vApp Template
  • Create a new vApp – the user can create a new vApp
  • Customize VS guest OS - the user can customize Virtual Server guest OS on vApp deployment
  • Delete any vApp – the user can destroy any vApp
  • Delete own vApps – the user can only destroy their own vApps
  • Any power action on vApps – the user can take any power actions on vApps
  • Any power action on own vApps – the user can only take power actions on their own vApps
  • Read any vApps – the user can view any vApps
  • Read own vApps – the user can only view their own vApps
  • Edit any vApp – the user can edit any vApp
  • Edit own vApps – the user can only edit their own vApps

For details, refer to the vApps section.

vApp Networks

OnApp administrators control how users can manage vApp networks. This is handled through the Control Panel's Roles menu. You can set the following vApp network permissions for user roles:

  • Any action on  vApp networks - the user can take any action on vApp networks
  • Create a new vApp network - the user can create a new vApp network
  • Destroy any vApp network - the user can delete any vApp network
  • See all vApp networks - the user can see all vApp networks
  • Update any vApp network - the user can edit any vApp network

For details, refer to the vApps Networks section.

vApp Templates

OnApp administrators can control users' ability to manage vApp templates. This is handled through the Control Panel's Roles menu. You can set the following  vApp template permissions for user roles:

  • Any action on vApp templates  – the user can take any action on vApp templates
  • Create any vApp templates – the user can create any vApp template
  • Delete any vApp templates  – the user can destroy any vApp template
  • See any vApp templates - the user can see any vApp templates
  • See own vApp templates - the user see only own vApp templates
  • See vApp templates from shared catalogs - the user can see vApp templates from shared catalogs

For details, refer to the vApps Templates section.

vCloud Permissions

OnApp administrators can control users' ability to manage vCloud permissions. This is handled through the Control Panel's Roles menu. You can set the following vCloud Director permissions for user roles:

  • Administrator Control - the user can manage general administrative stuff (for example, edit all fields in own user profile). Without this permission the user has no ability to edit own first name, last name and email fields in user profile.

For details, refer to the vCloud Permissions section.

Virtual Servers

OnApp administrators can control users' ability to manage vCloud virtual servers. This is handled through the Control Panel's Roles menu. You can set the following vCloud virtual servers permissions for user roles:

  • Install VMWare tools - the user can install VMWare tools (applicable for vCloud Director VSs)

  • Access To vCD UI -  the user can access vCloud Director UI

For details, refer to the vCloud Virtual Servers section.

Virtual Server Snapshots

OnApp administrators can control user's access to VMware virtual server snapshots. You can set the following snapshot permissions:

  • Any action on Virtual Server Snapshots - the user can take any action on snapshots
  • Create or Restore own Virtual Server Snapshot - the user can create/restore own snapshots
  • Destroy own Virtual Server Snapshot - the user can delete own snapshots
  • See own Virtual Server Snapshots - the use can see the list of own snapshots

For details, refer to vCloud Director VS Snapshots section.