vRealize Automation uses VMware Workspace ONE Access, the VMware supplied identity management application to import and manage users and groups. After users and groups are imported or created, you can manage the role assignments for single tenant deployments using the Identity & Access Management page. This blog will focus on user permissions and the role that has to be assigned for a user to request an item from the catalog.
VMware vRealize Automation 8.1 – Part1: Cloud Assembly & Service Broker
VMware vRealize Automation 8.1 – Part2: Cloud Accounts, Projects & Cloud Zones
VMware vRealize Automation 8.1 – Part3: Flavor Mapping & Image Mapping
VMware vRealize Automation 8.1 – Part4: Network Profiles
VMware vRealize Automation 8.1 – Part5: Blueprints
VMware vRealize Automation 8.1 – Part6: Content & Catalog
VMware vRealize Automation 8.1 – Part7: User Permissions, Roles & Branding
We have already integrated our Active Directory in vIDM. And a user name ‘Broker’ was created. Refer to my earlier blog here.
We will use ‘Broker’ user account to give permissions. So that ‘Broker’ can request catalog items from vRA.
Log into vRA> Identity & Access Management> Check the box for ‘Broker’ user under Active Users.
You will see all users here from our active directory, since we have integrated vIDM into vRA.
Assign Org Role: Org Member
Assign Service Role: Service Broker
With Role: Service Broker User
This configuration will give ‘Broker’ user to access only ‘Service Broker’ page and request item from the catalog.
Logout and Log into vRA using Broker user.
Notice that the only service available is ‘Service Broker’
Click on it and request for a catalog item.
Notice that the ‘Requestor’ name is ‘Broker’.
‘Broker’ user will have access to request for an item
That was simple example of assigning user permissions, likewise you can define who can do what and what services should be available for a particular user.
Please check detailed documentation on user roles in vRA here on VMware Official Site.
We now move to ‘Branding’ part to give nice look to your vRA portal.
vRA allows you to do custom branding for each tenant. You can define logo and colors of your web page. By default, I see following default branding before I apply my own.
After custom branding, I see it like this.
I added a company logo, text color, background color & product name.
Log into vRA with IDM user. Click on ‘Branding’ tab and define parameters.
It was that simple to do the branding of vRA portal. 😊
With that we have come to an end of this series. It’s always fun working on vRA. I have seen it since version 6.X. The end results are always satisfactory, and it simplifies your daily tasks. See you in next post.
Are you looking out for a lab to practice VMware products..? If yes, then click here to know more about our Lab-as-a-Service (LaaS).
Leave your email address in below box below to receive notification on my new blogs.
Just fyi sir
Along with service level permission, Project level(administrator, member) permission perform key role.