vCenter Permissions
The list below includes the permissions related to vCenter Resources.
- Users with the Administrator role in OnApp have vCenter related permissions enabled by default. They can create and manage vCenter resources if there is a vCenter compute resource in the cloud.
- Users with vCenter User role have all OnApp User permissions, default permissions for vCenter User role, and two extra permissions necessary to create a vCenter VS:
- Read all public OVAs
- See Compute Resource during virtual server creation
- Users with OnApp User role have limited vCenter permissions enabled by default, and cannot create a vCenter VS.
- The vCenter permissions list is not updated in OnApp for custom roles imported from vCenter.
Default Permissions for vCenter User Role
vCenter Clusters
OnApp administrators can control users' ability to manage vCenter clusters through the Control Panel's Roles menu. You can set the following cluster permissions for user roles:
- Any actions on vCenter Clusters - the user can take any action on vCenter clusters
- Show vCenter Clusters on Virtual Server creation - the user can see vCenter Clusters on Add New Virtual Server screen
vCenter Datacenters
OnApp administrators can control users' ability to manage vCenter datacenters. This is handled through the Control Panel's Roles menu. You can set the following datacenters permissions for user roles:
- Any actions on vCenter Datacenters - the user can take any action on vCenter Datacenters
- Show vCenter Datacenters on Virtual Server creation - the user can see vCenter Datacenters on Add New Virtual Server screen
vCenter Servers
For more details, refer to the vCenter Servers section of this guide.
vCenter Templates
- Any actions on vCenter Templates - the user can take any action on vCenter templates
- See any vCenter Templates - the user can see any vCenter templates
- Update any vCenter Templates - the user can edit any vCenter templates
vCenter Resource Pool
- Add a new vCenter Resource Pool - the user can add a vCenter Resource Pool
- Delete own vCenter Resource Pool - the user can delete own vCenter Resource Pool
- See own vCenter Resource Pool - the user can see own vCenter Resource Pool
- Update own vCenter Resource Pool - the user can update own vCenter Resource Pool
Virtual Servers
- Resync vCenter VS - the user can run the re-import vCenter VS transaction
Other vCenter Permissions
NSX Edges
OnApp administrators can control users' ability to manage NSX edges through the Control Panel's Roles menu. You can set the following NSX edges permissions for user roles:
- Any action on edge - the user can take any action on NSX edges
- See any edge - the user can see any NSX edge
NSX Firewall Rules
OnApp administrators can control users' ability to manage NSX firewall rules through the Control Panel's Roles menu. You can set the following firewall rules permissions for user roles:
- Create any firewall rule - the user can create a new NSX firewall rule
- See any firewall rules - the user can see any NSx firewall rules
NSX Firewall Services
OnApp administrators can control users' ability to manage NSX firewall services through the Control Panel's Roles menu. You can set the following firewall services permissions for user roles:
NSX IPSec Services
OnApp administrators can control users' ability to manage NSX IPSec services through the Control Panel's Roles menu. You can set the following IPSec services permissions for user roles:
NSX IPSec Sites
OnApp administrators can control users' ability to manage NSX IPSec sites through the Control Panel's Roles menu. You can set the following IPSec sites permissions for user roles:
NSX L2 VPN Peer Sites
OnApp administrators can control users' ability to manage NSX L2 VPN peer sites through the Control Panel's Roles menu. You can set the following L2 VPN peer sites permissions for user roles:
NSX L2 VPN Services
OnApp administrators can control users' ability to manage NSX L2 VPN services through the Control Panel's Roles menu. You can set the following L2 VPN services permissions for user roles:
NSX Load Balancer Application Profiles
OnApp administrators can control users' ability to manage NSX load balancer application profiles through the Control Panel's Roles menu. You can set the following load balancer application profiles permissions for user roles:
NSX Load Balancer Application Rules
OnApp administrators can control users' ability to manage NSX load balancer application rules through the Control Panel's Roles menu. You can set the following load balancer application rules permissions for user roles:
NSX Load Balancer Monitors
OnApp administrators can control users' ability to manage NSX load balancer monitors through the Control Panel's Roles menu. You can set the following load balancer monitors permissions for user roles:
NSX Load Balancer Pools
OnApp administrators can control users' ability to manage NSX load balancer pools through the Control Panel's Roles menu. You can set the following load balancer pools permissions for user roles:
NSX Load Balancer Services
OnApp administrators can control users' ability to manage NSX load balancer services through the Control Panel's Roles menu. You can set the following load balancer services permissions for user roles:
NSX Load Balancer Virtual Servers
OnApp administrators can control users' ability to manage NSX Edge internal or uplink interfaces as virtual servers through the Control Panel's Roles menu. You can set the following permissions for user roles:
NSX Managers
OnApp administrators can control users' ability to manage NSX managers through the Control Panel's Roles menu. You can set the following NSX managers permissions for user roles:
NSX NAT Rules
OnApp administrators can control users' ability to manage NSX NAT rules through the Control Panel's Roles menu. You can set the following NAT rules permissions for user roles:
NSX NAT Services
OnApp administrators can control users' ability to manage NSX NAT services through the Control Panel's Roles menu. You can set the following NAT services permissions for user roles:
vCenter Resource Pools
OnApp administrators can manage vCenter resource pools. You can set the following permissions for user roles:
- Any actions on vCenter Resource Pools - the user can take any action on vCenter Resource Pool
- Delete any vCenter Resource Pool - the user can delete a vCenter Resource Pool
- See any vCenter Resource Pool - the user can see any vCenter Resource Pool
- Update any vCenter Resource Pool - the user can update any vCenter Resource Pool
- Change an owner of any vCenter Resource Pool - the user can change the owner of any vCenter Resource Pool
Virtual Servers
- Infrastructure Mode - the user can build managed vCenter VSs
See Create Custom vCenter VS for more details.
Synonyms for "update"updatingupgradeupgradingmodernizationrefreshdiscountingmodernizeinformbriefnotifyadviseapprise