KKSAdmin
Enthusiast
Enthusiast

Granular Access to edit security groups only?

Jump to solution

Is there a way to provide admins with the ability to edit security group membership but NOT to allow firewall edits? Thanks!

0 Kudos
1 Solution

Accepted Solutions
bayupw
Leadership
Leadership

The current available built in roles (including the latest NSX 6.4.2), roles that has Read/Write permission to security groups and tagging would also have Read/Write permission to Firewall Config.

If you need more specific fine grained granular permissions, you may want to explore third party solution such as HyTrust or ReSTNSX

Bayu Wibowo | VCIX6-DCV/NV Author of VMware NSX Cookbook http://bit.ly/NSXCookbook https://github.com/bayupw/PowerNSX-Scripts https://nz.linkedin.com/in/bayupw | twitter @bayupw

View solution in original post

0 Kudos
1 Reply
bayupw
Leadership
Leadership

The current available built in roles (including the latest NSX 6.4.2), roles that has Read/Write permission to security groups and tagging would also have Read/Write permission to Firewall Config.

If you need more specific fine grained granular permissions, you may want to explore third party solution such as HyTrust or ReSTNSX

Bayu Wibowo | VCIX6-DCV/NV Author of VMware NSX Cookbook http://bit.ly/NSXCookbook https://github.com/bayupw/PowerNSX-Scripts https://nz.linkedin.com/in/bayupw | twitter @bayupw

View solution in original post

0 Kudos