You can assign users specific roles to perform actions and view features and objects in vRealize Operations Manager. With role-based access, users can only perform the actions that their permissions allow.

You can manage user roles by selecting Administration > Access Control, and clicking the Roles tab.

You can view and edit details about a role, by selecting a role in the summary grid, and clicking the Edit icon in the Roles toolbar.

Access Control Roles Summary Grid

Option

Description

Roles toolbar

To manage roles, use the toolbar icons.

Add icon. Add a user role, and provide the name and description for the role in the Create Role dialog box.

Edit icon. Edit the selected user role, and modify the details for the role in the Edit Role dialog box.

Clone icon. Clone the selected user role.

Delete icon. Delete a user role.

Role Name

Name of the role to apply to a specific level of users, such as user for base users or Administrator for users with administrative permissions.

Role Description

Description of the role, indicating its purpose.

You can view details for the user accounts and user groups associated with a selected role in the Details panes

Access Control Roles Details Panes

Option

Description

User Accounts

The users assigned to the selected role. The information in this pane is based on the data entered when you created the user, or imported with the user.

First Name. Indicates the first name of each user who is assigned this role.

Last Name. Indicates the last name of each users who is assigned this role.

User name, without spaces, that will log in to vRealize Operations Manager.

Email. Indicates the email address for each user who is assigned this role.

User Groups

The user groups assigned the selected role.

Group Name: Name of each group that is associated with the selected role.

Members: Number of members in each group.

Permissions

Displays the permissions assigned to the role according to three categories: Administration, Content and Environment. Expand the tree of each category to view all the assigned permissions.

You can edit the permissions assigned to the role by clicking the Edit icon.

Click the Expand All button to expand the trees of all three categories, and select the check boxes to apply permissions for the selected role.

To assign all the available permissions to the selected role, select the Administrative Access - all permissions check box.

The actions named Delete Unused Snapshots for Datastore Express and Delete Unused Snapshots for VM Express appear, but can only be run in the user interface from an alert whose first recommendation is associated with this action. You can use the REST API to run these actions.

The actions named Set Memory for VM Power Off Allowed, Set CPU Count for VM Power Off Allowed, and Set CPU Count and Memory for VM Power Off Allowed are also not visible except in the alert recommendations, and are intended to be used to automate the actions with the Power Off Allowed flag set to true.