Objective 2.4: Manage User and Group Role Assignments

This is part of VCP7-CMA study guide – Objective 2.4: Manage User and Group Role Assignments.

Official Blueprint-


Knowledge

  • Explain the roles available to vRealize Automation and vRealize Business
  • Assign roles to individual users for a given design
  • Assign roles to directory groups for a given design
  • Create vRealize Automation custom groups and assign roles

Tools


Explain the roles available to vRealize Automation and vRealize Business

Assign roles to individual users for a given design

See “Assign roles to directory groups for a given design”.

Assign roles to directory groups for a given design

Prerequisites

Log in to the vRealize Automation console as a tenant administrator.

Procedure

  1. Select Administration > Users & Groups > Directory Users & Groups.
  2. Enter a user or group name in the Search box and press Enter.Do not use an at sign (@), backslash (\), or slash (/) in a name. You can optimize your search by typing the entire user or group name in the form user@domain.
  3. Click the name of the user or group to which you want to assign roles.
    vra-roles1
  4. Select one or more roles from the Add Roles to this User (or Group, the process is the same) list.The Authorities Granted by Selected Roles list indicates the specific authorities you are granting.
    vra-roles2
  5. (Optional) Click Next to view more information about the user or group.
  6. Click Update Finish.

Users who are currently logged in to the vRealize Automation console must log out and log back in to the vRealize Automation console before they can navigate to the pages to which they have been granted access.

 Source – Assign Roles to Directory Users or Groups

Create vRealize Automation custom groups and assign roles

Tenant administrators can create custom groups by combining other custom groups, identity store groups, and individual identity store users.
You can assign roles to your custom group, but it is not necessary in all cases. For example, you can create a custom group called Machine Specification Approvers, to use for all machine pre-approvals. You can also create custom groups to map to your business groups so that you can manage all groups in one place. In those cases, you do not need to assign roles.

Prerequisites

Log in to the vRealize Automation console as a tenant administrator.

Procedure

  1. Select Administration > Users & Groups > Custom Groups.
  2. Click the Add icon (green-plus).
    vra-roles3
  3. Enter a group name in the New Group Name text box.
    Custom group names cannot contain the combination of a semicolon (;) followed by an equal sign (=).
  4. (Optional) Enter a description in the New Group Description text box.
  5. Select one or more roles from the Add Roles to this Group list.
    The Authorities Granted by Selected Roles list indicates the specific authorities you are granting.
    vra-roles4
  6. Click Next.
  7. Add users and groups to create your custom group.
    vra-roles5

    1. Enter a user or group name in the Search box and press Enter.
      Do not use an at sign (@), backslash (\), or slash (/) in a name. You can optimize your search by typing the entire user or group name in the form user@domain.
    2. Select the user or group to add to your custom group.
  8. Click Add Finish.

Users who are currently logged in to the vRealize Automation console must log out and log back in to the vRealize Automation console before they can navigate to the pages to which they have been granted access.

 Source – Create a Custom Group

One thought on “Objective 2.4: Manage User and Group Role Assignments

  1. Pingback: VCP7-CMA Study Guide | The SysAdmin Logs

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s