VMware Cloud Community
andreaspa
Hot Shot
Hot Shot
‎11-21-2018 06:41 AM
Jump to solution

Unable to greate Edge Gateway as OrgAdmin

Hi,

My users that are assigned the Organization Administrator role are unable to create Edge Gateways both on HTML5 and FlexUI.

However, as System Administrator I can create Edge Gateways.

Is this a known restriction, and is there any way to circumvent it?

Regards

Andreas

Reply
1 Solution

Accepted Solutions
paluszekd
VMware Employee
VMware Employee
‎11-23-2018 04:31 AM
Jump to solution

Andreas,

This is under version 9.5 - I can manage the rights bundle at https://<vcd-fdqn>/provider under Administration.

-Daniel

View solution in original post

Reply
6 Replies
avgvizoso
Contributor
Contributor
‎11-21-2018 10:59 AM
Jump to solution

Hi Andreas,

How are you?

I think that as an Organization Administrator you cannot create NSX Edges. You only can create NSX Edges as System Admin.

Thanks!

Reply
0 Kudos
paluszekd
VMware Employee
VMware Employee
‎11-21-2018 12:22 PM
Jump to solution

While this wasn't possible in previous versions of vCD, 9.5 now introduces rights bundles that could be utilized. In a rights bundle, I have the ability to publish out Create Gateway -

pastedImage_0.png

I just did a test with my orgadmin account and now I have the ability to create a new Edge under my orgadmin account. However, I think there are other permissions required above the Create Gateway for this to work properly.

pastedImage_1.png

Cheers

-Daniel

Reply
0 Kudos
andreaspa
Hot Shot
Hot Shot
‎11-23-2018 12:55 AM
Jump to solution

Thanks for that reply Daniel!

Do you know where this rights-bundle can be downloaded from?

I only have the ability to add "View Gateway" to Rights under Roles.

/Andreas

Reply
0 Kudos
paluszekd
VMware Employee
VMware Employee
‎11-23-2018 04:31 AM
Jump to solution

Andreas,

This is under version 9.5 - I can manage the rights bundle at https://<vcd-fdqn>/provider under Administration.

-Daniel

Reply
andreaspa
Hot Shot
Hot Shot
‎11-23-2018 05:08 AM
Jump to solution

Look at that, I had not found this new provider UI yet (still used the FlexUI version), thanks!

There's lot of options to be explored and defined here, hidden from the other interface. Interresting, will investigate more! Thanks again!

/Andreas

Reply
0 Kudos
andreaspa
Hot Shot
Hot Shot
‎02-27-2019 05:33 AM
Jump to solution

After having tested this some more, I found that users got the following error on the first page of creating new edge gateways.

[ e6ad3b26-c626-4962-8667-84e3071b2dad ] Either you need some or all of the following rights [ORG_VDC_ADMIN_VIEW] to perform operations [ORGANIZATION_VDC_VIEW] for 2688daa6-d43f-420a-b2ed-06ba36613b4b or the target entity is invalid.

Which makes it so the users can't see any of the external networks at all when creating new edge gateways.

I've looked everywhere to find some info about what rights they equal to, but it's seems quite futile as search results are zero for any search for the above two rights..

Reply
0 Kudos