In this post we will discuss about vRealize Orchestrator service roles, what features of the embedded vRealize Orchestrator Client users can access. There are two types of service Roles.
Administrator: Can access all vRealize Orchestrator Client features and content, including the content created by specific groups. Responsible for setting user roles, creating and deleting groups and adding users to groups.
Workflow Designer: Can create, run, edit, and delete their own vRealize Orchestrator Client content. Can add their own content to their assigned group. Does not have access to the administration and troubleshooting features of the vRealize Orchestrator Client.
Note: Tenant administrators from the vRealize Automation environment used to authenticate vRealize Orchestrator have Administrator rights, by default.
- Verify that appropriate users and groups are imported from a valid vIDM instance.
- Before assigning a vRealize Orchestrator service role to your user, verify that your user has an assigned organization role in vRealize Automation.
- Log in to vRealize Automation as an administrator.
- From the top header navigation of the Cloud Services Console, select the Identity & Access Management tab.
- On the Active Users tab, search for the email address of user you want to assign to vRealize Orchestrator.
- Select the check box next to the user and click Edit Roles.
- Click Add Service Access.
- From the left drop-down menu, select Orchestrator.
- From the right drop-down menu, select the role you want to assign to the user.
- Click Save.
- The user can now access the vRealize Orchestrator Client based on their assigned role.
More details can be find at VMware official doc Managing vRealize Orchestrator Client Roles and Groups
Hope you liked this post. If you think this post is helpful to you, please like & share also comment if you need any further discussion.