HassanAlKak88
Expert
Expert

NSX-V Role & Permissions

Hello,

My request is what is the role should i assigned to a domain user to perform all NSX tasks without any access to vCenter tasks or for minimum Read-Only to vCenter tasks.

Because as per my understanding from the below screenshot, if i give NSX admin it will be with R&W access to vCenter & SSO configuration. is that right ?

pastedImage_0.png

Please advise,


Cheers,
vExpert2020-2019||vExpert-NSX2020||VCIX6-NV||VCAP-NV-DCV||VCP-NV-DC-CMA||CCNA-R&S
Twitter: @KakHassan
LinkedIn: linkedin.com/in/hassanalkak
0 Kudos
2 Replies
Nick_Andreev
Expert
Expert

Hi @HassanAlKak88,

No, NSX roles are for permissions to NSX. vCenter and SSO configuration you are referring to is for pairing NSX Manager to vCenter in NSX Manager appliance GUI.

---
If you found my answers helpful please consider marking them as helpful or correct.
VCIX-DCV, VCIX-NV, VCAP-CMA | vExpert '16, '17, '18
Blog: http://niktips.wordpress.com | Twitter: @nick_andreev_au
0 Kudos
bayupw
Leadership
Leadership

Hi,

If you want to access to assign a user or a group to access NSX, you need to assign rights for the user/group to vCenter first.

Then only after that NSX can give permission to the user, as per this doc NSX assign a vCenter User: Assign a Role to a vCenter User

If the user does not exist or has not given a permission to vCenter, then you will not be able to give NSX permission to the user.

A minimum Read-Only access to vCenter is required.

If you want to give permission to a group, then you can review this doc: Group-Based Role Assignments

Bayu Wibowo | VCIX6-DCV/NV Author of VMware NSX Cookbook http://bit.ly/NSXCookbook https://github.com/bayupw/PowerNSX-Scripts https://nz.linkedin.com/in/bayupw | twitter @bayupw