VMware Cloud Community
tps5
Contributor
Contributor
‎12-02-2019 06:32 AM

vROPS Policies

I want app teams to be able to create their own policies for monitoring their VMs. Is there any way to do granular permissions for each policy? So they can create new children policies, but not modify the default/parent policy, etc. Or is there a tenant system where they can login to our on-prem vROPS and do their own thing basically?

Reply
3 Replies
daphnissov
Immortal
Immortal
‎12-02-2019 06:35 AM

There's no ability like that to my knowledge. That's very specific and something I've never seen it handle.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
Reply
virtualg_uk
Leadership
Leadership
‎12-02-2019 06:57 AM

Correct, you cannot customize policies at the tenant level. This is because you cannot assign RBAC roles at the policy level.

There is a great guide on setting up multi-tenancy vROps by Yves Sandfort here: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/vcat/vmware-multitenant-vrealize-o...


Graham | User Moderator | https://virtualg.uk
Reply
0 Kudos
sxnxr
Commander
Commander
‎12-02-2019 03:02 PM

I am not sure i would want app teams doing anything to policies. They could turn of one metric and mess up a lot more and you could spend stupid amount of time working out what one to enable again. On the flip side if they enable all metrics and mess with the vrops sizing. And the last thing is if they or other teams have lots of supermetrics they could enable them on the wrong object and add load the vrops. As an example creating a SM for a cluster but enabling it on the VM objects (bad designed SM) vrops will try to calculate that SM for every VM taking up processing

Reply
0 Kudos