Some tasks in vSphere require users to have certain permissions in order to complete successfully. When you create a private cloud, VMware Engine performs an initial setup of vSphere permissions for your ease of management. This document provides you with guidance on further managing permissions in vSphere.
Before you begin
To manage vSphere permissions for your private cloud, you must first elevate your privileges. Elevating your privileges through VMware Engine gives you the ability to perform administrative functions in vSphere.
Managing vCenter user groups
Users in the
Cloud-Owner-Group group can administer various parts of the
vSphere environment in the private cloud. The
Cloud-Owner-Group group is
Cloud-Owner-Role privileges, and the
is added as a member of this group.
Google creates additional groups with limited privileges for ease of management. You can add any user to these pre-created groups, and this process assigns the corresponding privileges to the user.
For a full list of pre-created vCenter user groups and their associated vCenter privileges, see Private cloud VMware vCenter permission model.
Granting management permission to individual users
To grant an individual user permissions to manage the private cloud, create a user account and add it to the appropriate groups:
Creating new user groups
You can create additional user groups to enable access control for vCenter
users. However, new user groups must have permissions that are lower than
Cloud-Owner-Role. Groups with permissions higher than
are automatically reset to
- Learn how to elevate private cloud privileges.
- Learn how to set up vCenter identity sources.
- Learn more about the private cloud vCenter permission model.
- Learn more about VMware on your private cloud.