we are currently evaluation VMware NSX and vRA.
Regarding this, i have some questions regarding NSX and vRA.
We are a service provider. The customer ESXi hosts are in dedicated Cluster (one cluster per Customer) but in one vCenter (customer does not have access to vCenter, PaaS).
We installed vRA, created an tenant for each customer. Everything fine. Every customer can only create stuff in their Cluster.
Then we added NSX and created some securty groups. And here is my first questions:
Every customer see ALL! security groups of all customers in the Blueprint Desginer. As we only have one vCenter we also have only one NSX Manager.
How can we seperate the customer security groups?
I can assign security groups via the blueprint designer. I also added a ressource action to run the NSX "Add VM to security group workflow".
But is there no way to show the currently assigned security groups in vRA?
1.-from vRA just create the BP for specific tenant using in reservations the specifyc SG , ie. select for instance Tenant A will have only th euse of SG A B C no C D and E
2.-I belive that if you want to have a like a dynamic check just before deployment of new VM in a SG from BP you can use VRO plugin "Get members of SG" then you can check what is the membership.
hope this helps