vCloud Director includes predefined roles. Each of these roles includes a set of default rights.

The system administrator has super-user rights for the entire system. System administrator credentials are established during installation and configuration. A system administrator can create additional system administrator accounts. All system administrators are members of the system organization. You cannot modify the rights associated with this role.

After creating an organization, a system administrator can assign the role of organization administrator to any user in the organization. An organization administrator has super-user rights within that organization, and can assign any of the predefined roles to the organization's users and groups.

Organization Administrator

An organization administrator can assign the role of organization administrator to any member of an organization.

Catalog Author

The rights associated with the catalog author role allow a user to create and publish catalogs.

vApp Author

The rights associated with the vApp Author role allow a user to use catalogs and create vApps.

vApp User

The rights associated with the vApp User role allow a user to use existing vApps.

Console Access Only

The rights associated with the Console Access Only role allow a user to view virtual machine state and properties and to use the guest OS.

Each predefined role includes a set of default rights. If an organization administrator modifies the set of rights associated with a predefined role, those modifications apply only in the context of that organization. If a system administrator modifies the set of rights associated with a predefined role, those modifications apply to all organizations in the system.

You classify rights according to the objects to which they apply.

Admin rights are granted to the system administrator throughout the system, and to an organization administrator within the organization.

Rights Associated With Catalogs

Description

Admin

Catalog Author

vApp Author

vApp User

Console Access Only

Catalog: Add vApp from My Cloud

Permission to add a vApp to a catalog from My Cloud.

X

X

X

Catalog: Change Owner

Permission to change the owner of a catalog.

X

Catalog: VCSP Publish Subscribe

Permission to publish and subscribe to catalogs using VCSP.

X

X

X

Catalog: Enable a vApp template or media item for download

Permission to enable a vApp template or media item to be downloaded.

X

X

Catalog: Create or Delete a Catalog

Permission to create and delete catalogs

X

X

Catalog: Edit Properties

Permission to edit catalog properties.

X

X

Catalog: Publish

Permission to publish catalogs.

X

X

Catalog: Sharing

Permission to share catalogs.

X

X

Catalog: View Private and Shared Catalogs

Permission to view both private and shared catalogs.

X

X

X

Catalog: View Published Catalogs

Permission to view published catalogs.

X

Rights Associated With Independent Disks

Description

Admin

Catalog Author

vApp Author

vApp User

Console Access Only

Disk: Change Owner

Permission to change the owner of an independent disk.

X

X

Disk: Create

Permission to create independent disks.

X

X

X

Disk: Delete

Permission to delete independent disks.

X

X

X

Disk: Edit Properties

Permission to edit the properties of an independent disk.

X

X

X

Disk: View Properties

Permission to view the properties of an independent disk.

X

X

X

X

Rights Associated With vApp Templates and Media

Description

Admin

Catalog Author

vApp Author

vApp User

Console Access Only

vApp Template or Media: Create or Upload

Permission to create and upload vApp templates and media files.

X

X

vApp Template or Media: Edit

Permission to edit vApp templates and media files.

X

X

vApp Template or Media: View

Permission to view vApp templates and media files.

X

X

X

X

vApp Template: Checkout (Add to My Cloud)

Permission to add vApp templates to My Cloud.

X

X

X

X

Rights Associated With vApps

Description

Admin

Catalog Author

vApp Author

vApp User

Console Access Only

vApp: Change Owner

Permission to change the owner of a vApp.

X

vApp: Copy

Permission to copy a vApp.

X

X

X

X

vApp: Create or Reconfigure

Permission to create and reconfigure vApps.

X

X

X

vApp: Delete

Permission to delete a vApp.

X

X

X

X

vApp: Edit Properties

Permission to edit a vApp's properties.

X

X

X

X

vApp: Edit VM CPU

Permission to edit virtual machine CPUs

X

X

X

vApp: Edit VM Hard Disk

Permission to edit virtual machine hard disks.

X

X

X

vApp: Edit VM Memory

Permission to edit virtual machine memory.

X

X

X

vApp: Edit VM Network

Permission to edit virtual machine network configuration.

X

X

X

X

vApp: Edit VM Properties

Permission to edit virtual machine properties.

X

X

X

X

vApp: Manage VM Password Settings

Permission to edit virtual machine password settings.

X

X

X

X

X

vApp: Power Operations

Permission to power vApps on and off.

X

X

X

X

vApp: Sharing

Permission to share vApps.

X

X

X

X

vApp: Snapshot Operations

Permission to take and delete virtual machine snapshots.

X

X

X

X

vApp: Use Console

Permission to use the virtual machine console.

X

X

X

X

X

All of these rights are granted to the system administrator throughout the system, and to an organization administrator within the organization. These rights are not granted to any other predefined role.

Other Administrative Rights

Description

Admin

Catalog Author

vApp Author

vApp User

Console Access Only

General: Administrator Control

Permission to use all administrator privileges.

X

General: Administrator View

Permission to view vCloud Director as an administrator.

X

General: Send Notification

Permission to send vCloud Director user notifications.

X

Group or User: View

Permission to view users and groups.

X

Organization Network: Edit Properties

Permission to edit the properties of organization networks.

X

Organization Network: View

Permission to view the properties of organization networks.

X

Organization VDC Gateway: Configure Services

Permission to configure gateway services.

X

Organization VDC Network: Edit Properties

Permission to edit the properties of an organization virtual data center network

X

Organization VDC Network: View Properties

Permission to view the properties of an organization virtual data center network.

X

Organization VDC Storage Policy: Set Default

Permission to set the default storage policy for an organization virtual data center.

X

Organization VDC: View

Permission to view organization virtual data centers.

X

Organization: Edit Federation Settings

Permission to edit an organization's federation settings.

X

Organization: Edit Leases Policy

Permission to edit an organization's leases policy.

X

Organization: Edit Password Policy

Permission to edit an organization's password policy.

X

Organization: Edit Properties

Permission to edit organization properties.

X

Organization: Edit Quotas Policy

Permission to edit an organization's quotas policy.

X

Organization: Edit SMTP Settings

Permission to edit an organization's SMTP settings.

X

Organization: View

Permission to view organizations.

X