Hello. I can't seem to get the CloudClient to work with a standard user account. It seems like they need at least some sort of elevated access its just not immediately obvious what. If I try to login to IaaS with my normal user account I get a refusal. I'm assuming this is because they are not allowed as a business group manager or some role that would need access to the IaaS piece. This is a simple user that can only deploy what they are entitled to in the catalog. I haven't attempted to see if they can do other actions like power off their vm yet. Any guidance would be appreciated.
Assumptions:
You created the separate Tenant
You also created two Business Groups
You have Catalog with necessary offerings
My views:
Yes you need to setup the Catalog in proper order - based on your setup model (for permissions) make sure below things are available
Blue prints created and published - Tenant Admin (ideal case)
Configure Catalog created via Administration - Catalog Items (make sure status is Active)
Finally make sure this user is Entitled for this offering
Hope this helps and many user roles may confuse us to troubleshoot such scenarios
We have a fully working deployment. I can login through the gui and deploy from the catalog all day. When I use the cloud client with my non administrative account I get errors. Login with my administrative account and everything seems to work. When I say CloudClient I am talking about the CLI .
Looks like my answer is without CloudClient ... let us wait for other expert answers
I tried to simulate this scenario in my lab setup and got below error message.
Exactly. That error should not happen. Although I can get a catalog list. I cannot list the business groups which I don't necessarily need as that information is in the catalog listing. It seems like I should be able to list the groups I am a member of at least. I cannot request the items even though I can list them. I get the same error as you are displaying.
Hmmm... since all I am getting is crickets in here I guess I'll open a support ticket.