Visibility Privileges for NSX and vSphere Objects
CloudControl uses the following privileges to grant views to NSX and vSphere objects:
| Privilege Name | Description |
|---|---|
| NSXPlugin.View_All | Allows users to view all NSX objects. |
| DataCenter.View_All | Allows users to view all vSphere objects. |
Note:
- If a user needs to view both NSX and vSphere objects, you can assign the view_all privilege directly to that user. For example, if you grant the NSXPlugin.View_All privilege to a particular vSphere user, that user will be able to view all NSX objects.
-
If an NSX user does not have the NSXPlugin.View_All privilege and attempts to access NSX operations that are restricted, they will see the following message: No NSX Managers available. Verify current user has role assigned on NSX manager.
For vSphere, you can also grant or restrict access to vSphere managed inventory objects. Views for vSphere are restricted on a hierarchical basis. For example, if you grant the datacenter view, then the user can view everything in that datacenter. If you restrict the datacenter view, then the datacenter and all of its contents are hidden.
Note: If the vCenter environment is in linked mode, users have the same level of visibility privileges in all vCenters registered to the Platform Services Controller.
| vSphere Managed Inventory Object | Privilege Name | Description |
|---|---|---|
|
Datacenter |
Datacenter.View_All |
Allows vSphere users to view the datacenter and all child resources. |
|
Folder |
Folder.View_All |
Allows vSphere users to view a folder and all child resources. Note: Because all resources have default folders, any user with the Folder.View_All privilege can view all resources. |
|
Datastore |
Datastore.View_All |
Allows vSphere users to view a datastore and all files included. |
|
Cluster |
Host.Inventory.Cluster.View_All |
Allows vSphere users to view a cluster and all child resources. |
|
Host |
Host.Inventory.View_All |
Allows vSphere users to view a host and its child resources. |
|
DVSwitch |
DVSwitch.View_All |
Allows vSphere users to view a distributed virtual switch and its child resources. |
|
Follow us: |
