Versions Compared

Old Version 39

changes.mady.by.user MS

Saved on

compared with

New Version Current

changes.mady.by.user MS

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: 6.2.0

The following table describes all the privileges in the cloud platform.

Info

Changes to privileges

See Changes to privileges

...

Home privileges

...

GUI Label _________________

...

Application Tag

...

Privilege____________________________________

...

Cloud Admin

...

Ent Admin

...

Ent User

...

Ent Viewer

...

Info

...

List enterprises within scope

...

ENTERPRISE_ENUMERATE

...

This privilege allows a user to view the list of enterprises within scope and to view statistics for those enterprises

...

X

...

Allow user to switch enterprise

...

ENTERPRISE_ADMINISTER_ALL

...

This privilege allows a user to change to another enterprise, in order to administer it, by clicking the switch user button in the Enterprises list

...

X

...

Display enterprise statistics

...

ENTERPRISE_RESOURCE_SUMMARY_ENT

...

This privilege allows a user to filter statistics by enterprise to display the resources used by an enterprise in the enterprise resources panel

...

X

...

X

...

X

...

Display enterprise limits in statistics

...

ENTERPRISE_SHOW_STATS_LIMITS

...

This privilege allows a user to view enterprise limits in addition to resources used in the enterprise resources panel if the user has the Display enterprise statistics privilege

...

X

...

X

...

X

...

View bills

...

BILLS_VIEW

...

This privilege allows a user to view bills and related widgets

...

X

...

Manage bills

...

BILLS_MANAGE

...

This privilege allows a user to manage bills

...

X

...

Services (XaaS) privileges

...

The following table describes all the privileges in the cloud platform.

Info

Changes to privileges

See Changes to privileges

Home privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

List enterprises within scope

ENTERPRISE_ENUMERATE

This privilege allows a user to view the list of enterprises within scope and to view statistics for those enterprises

X

Allow user to switch enterprise

ENTERPRISE_ADMINISTER_ALL

This privilege allows a user to change to another enterprise, in order to administer it, by clicking the switch user button in the Enterprises list

X

Display enterprise statistics

ENTERPRISE_RESOURCE_SUMMARY_ENT

This privilege allows a user to filter statistics by enterprise to display the resources used by an enterprise in the enterprise resources panel

X

X

X

Display enterprise limits in statistics

ENTERPRISE_SHOW_STATS_LIMITS

This privilege allows a user to view enterprise limits in addition to resources used in the enterprise resources panel if the user has the Display enterprise statistics privilege

X

X

X

View bills

BILLS_VIEW

This privilege allows a user to view bills and related widgets

X

Manage bills

BILLS_MANAGE

This privilege allows a user to manage bills

X

Services (XaaS) privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Use default services

XAAS_USE_DEFAULT

This privilege allows a user to use default services

X

X

Manage default services

XAAS_MANAGE_DEFAULT

This privilege allows a user to manage default services

X

Use enterprise services

XAAS_USE_ENTERPRISE

This privilege allows a user to use enterprise services

X

X

X

X

Manage enterprise services

XAAS_MANAGE_ENTERPRISE

This privilege allows a user to manage enterprise services

X

X

Use user services

XAAS_USE_USER

This privilege allows a user to use user services

X

X

X

X

Manage user services

XAAS_MANAGE_USER

This privilege allows a user to manage user services

X

X

X

Use datacenter services

XAAS_USE_DATACENTER

This privilege allows a user to use datacenter services

X

X

X

Manage datacenter services

XAAS_MANAGE_DATACENTER

This privilege allows a user to manage datacenter services

X

Use public cloud region services

XAAS_USE_PUBLIC_CLOUD_REGION

This privilege allows a user to use public cloud region services

X

X

X

Manage public cloud region services

XAAS_MANAGE_PUBLIC_CLOUD_REGION

This privilege allows a user to manage public cloud region services

X

Use location services

XAAS_USE_LOCATION

This privilege allows a user to use location services

X

X

X

X

Manage location services

XAAS_MANAGE_LOCATION

This privilege allows a user to manage location services

X

X

Use virtual datacenter services

XAAS_USE_VIRTUAL_DATACENTER

This privilege allows a user to use virtual datacenter services

X

X

X

X

Manage virtual datacenter services

XAAS_MANAGE_VIRTUAL_DATACENTER

This privilege allows a user to manage virtual datacenter services

X

X

X

Use virtual appliance services

XAAS_USE_VIRTUAL_APPLIANCE

This privilege allows a user to use virtual appliance services

X

X

X

X

Manage virtual appliance services

XAAS_MANAGE_VIRTUAL_APPLIANCE

This privilege allows a user to manage virtual appliance services

X

X

X

Use virtual machine services

XAAS_USE_VIRTUAL_MACHINE

This privilege allows a user to use virtual machine services

X

X

X

X

Manage virtual machine services

XAAS_MANAGE_VIRTUAL_MACHINE

This privilege allows a user to manage virtual machine services

X

X

X

Run actions on usable services

XAAS_EXECUTE

This privilege allows a user to run actions on the services they can use

X

X

X

Infrastructure privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege

_______

_____________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Use default services

XAAS_USE_DEFAULT

This privilege allows a user to use default services

X

X

Manage default services

XAAS_MANAGE_DEFAULT

This privilege allows a user to manage default services

X

Use enterprise services

XAAS_USE_ENTERPRISE

This privilege allows a user to use enterprise services

X

X

X

X

Manage enterprise services

XAAS_MANAGE_ENTERPRISE

_______

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access infrastructure view and private DCs

PHYS_DC_ENUMERATE

This privilege allows a user to

manage enterprise services

access the Infrastructure view and list the physical datacenters

X

X

Use user services

XAAS_USE_USER

Display resource usage panel

PHYS_DC_RETRIEVE_RESOURCE_USAGE

This privilege allows a user to

use user services

X

X

view the resource usage panel in the Infrastructure view

X

X

Manage

user servicesXAAS

datacenter

PHYS_DC_MANAGE

_USER

This privilege allows a user to manage

user services

X

X

datacenters (add, edit and delete). Without it, the datacenter's properties will be read only

X

Use

View datacenter

services

details

XAAS

PHYS_DC_

USE

RETRIEVE_

DATACENTER

DETAILS

This privilege allows a user to

use datacenter services

X

X

go inside a datacenter and view its details (racks, physical machines, networks, storage and allocation rules)

X

Manage datacenter

services

infrastructure elements

XAAS

PHYS_

MANAGE_DATACENTER

This privilege allows a user to manage datacenter services

X

Use public cloud region services

XAAS_USE_PUBLIC_CLOUD_REGION

DC_ALLOW_MODIFY_SERVERS

This privilege allows a user to

use public cloud region services

Manage public cloud region services

XAAS_MANAGE_PUBLIC_CLOUD_REGION

manage infrastructure elements (add, edit and delete racks and physical machines)

X

X

X

Manage network elements

PHYS_DC_ALLOW_MODIFY_NETWORK

This privilege allows a user to manage

public cloud region servicesXAAS_USE_LOCATION

network elements (add, edit and delete public networks)

X

Use location services

Manage storage elements

PHYS_DC_ALLOW_MODIFY_STORAGE

This privilege allows a user to

use location services

X

X

X

manage storage elements (add, edit and delete storage devices, pools, tiers and volumes)

X

Manage

location servicesXAAS_MANAGE_LOCATION

allocation rules

PHYS_DC_ALLOW_MODIFY_ALLOCATION

This privilege allows a user to manage

location services

allocation rules (add and delete rules)

X

X

Use virtual datacenter services

XAAS_USE_VIRTUAL_DATACENTER

Manage datacenter backup configuration

PHYS_DC_ALLOW_BACKUP_CONFIG

This privilege allows a user to

use virtual datacenter servicesX

manage backup configuration at datacenter level

X

X

Manage devices

MANAGE_DEVICES

This privilege allows a user to setup networking devices (Neutron)

X

Manage

virtual datacenter servicesXAAS

public cloud regions

PCR_MANAGE

_VIRTUAL_DATACENTER

This privilege allows a user to manage

virtual datacenter services

Use virtual appliance services

XAAS_USE_VIRTUAL_APPLIANCE

public cloud regions (add, edit and delete). Without it, the public cloud region's properties will be read only

X

X

X

Access infrastructure view and PCRs

PCR_ENUMERATE

This privilege allows a user to

use virtual appliance servicesXAAS_MANAGE_VIRTUAL_APPLIANCE

access the Infrastructure view and list the public cloud regions

X

X

X

X

Manage virtual appliance services

View public cloud region details

PCR_RETRIEVE_DETAILS

This privilege allows a user to

manage virtual appliance services

Use virtual machine services

XAAS_USE_VIRTUAL_MACHINE

go inside a public cloud region and view its details (virtual machines and hardware profiles)

X

X

X

Manage hardware profile types and family

MANAGE_HARDWARE_PROFILE_TYPE_AND_FAMILY

This privilege allows

a user to use virtual machine servicesXAAS_MANAGE_VIRTUAL_MACHINE

the user to manage hardware profile types and family (add, edit and delete)

X

X

X

X

Manage virtual machine services

View and manage protection managers

MANAGE_DRAAS_CONFIG

This privilege allows

a

the user to manage

virtual machine services

protection managers for disaster recovery (create, edit and delete)

X

X

Run actions on usable services

XAAS_EXECUTE

This privilege allows a user to run actions on the services they can use

X

X

X

Infrastructure privileges

GUI Label _________________

Application Tag

Privilege

Virtual datacenters privileges

X

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege__________________

_

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access infrastructure view and private DCs

PHYS

_

DC

_

ENUMERATE

This privilege allows a user to access the Infrastructure view and list the physical datacenters

X

Display resource usage panel

PHYS

_

DC

_

RETRIEVE

_

RESOURCE_USAGE

This privilege allows a user to view the resource usage panel in the Infrastructure view

X

Manage datacenter

PHYS_DC_MANAGE

This privilege allows a user to manage datacenters (add, edit and delete). Without it, the datacenter's properties will be read only

X

View datacenter details

PHYS_DC_RETRIEVE_DETAILS

This privilege allows a user to go inside a datacenter and view its details (racks, physical machines, networks, storage and allocation rules)

X

Manage datacenter infrastructure elements

PHYS_DC_ALLOW_MODIFY_SERVERS

_____________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access virtual datacenters view

VDC_ENUMERATE

This privilege allows a user to

manage infrastructure elements (add, edit and delete racks and physical machines)

access the Virtual Datacenters view

X

X

X

X

Manage

network elements

virtual datacenters

PHYS_DC_ALLOW_MODIFY_NETWORK

VDC_MANAGE

This privilege allows a user to manage

network elements

virtual datacenters (add, edit and delete

public networks)

). Without it, the virtual datacenter details are read only

X

X

Manage

storage elements

virtual appliances

PHYS

VDC_

DC_ALLOW_MODIFY_STORAGE

MANAGE_VAPP

This privilege allows a user to manage

storage elements

virtual appliances (add, edit and delete

storage devices, pools, tiers and volumesPHYS_DC_ALLOW_MODIFY_ALLOCATION

)

X

Manage allocation rules

X

X

Manage virtual network elements

VDC_MANAGE_NETWORK

This privilege allows a user to manage

allocation rules

private and public networks (add, edit and delete

rules

)

X

Manage datacenter backup configuration

PHYS_DC_ALLOW_BACKUP_CONFIG

X

Manage virtual storage elements

VDC_MANAGE_STORAGE

This privilege allows a user to manage

backup configuration at datacenter level

storage volumes (add, edit and delete)

X

X

Manage

devices

floating IPs

MANAGE_

DEVICES

FLOATINGIPS

This privilege allows a user to

setup networking devices (Neutron

manage floating IPs (add and delete)

X

X

Manage

public cloud regions

firewalls

PCR

MANAGE_

MANAGE

FIREWALLS

This privilege allows a user to manage

public cloud regions

firewalls (add, edit and delete)

. Without it, the public cloud region's properties will be read only

X

Access infrastructure view and PCRs

PCR_ENUMERATE

This privilege allows a user to access the Infrastructure view and list the public cloud regions

X

View public cloud region details

PCR_RETRIEVE_DETAILS

for virtual datacenters

X

X

Manage load balancers

MANAGE_LOADBALANCERS

This privilege allows a user to

go inside a public cloud region and view its details (virtual machines and hardware profiles)MANAGE_HARDWARE_PROFILE_TYPE_AND_FAMILY

manage load balancers (add, edit and delete) for virtual datacenters

X

Manage hardware profile types and family

X

Manage virtual storage controller

VDC_MANAGE_STORAGE_CONTROLLER

This privilege allows

the

a user to manage

hardware profile types and family (add, edit and delete)

X

View and manage protection managers

MANAGE_DRAAS_CONFIG

the controller of storage volumes

X

X

X

Manage public IPs

MANAGE_PUBLICIPS

This privilege allows

the

a user to manage

protection managers for disaster recovery (create, edit, and delete)

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access virtual datacenters view

VDC_ENUMERATE

public IPs for private virtual datacenters

X

Virtual datacenters privileges

X

X

Modify allocation when attaching a disk

VDC_MANAGE_STORAGE_DISK_ALLOCATION

This privilege allows a user to modify the allocation of disks before they are deployed to the hypervisor and specify allocation when attaching a new disk and it is not possible once the VM is deployed (disk already created/copied)

X

Manage NAT IPs

MANAGE_NATIPS

This privilege allows a user to

access the Virtual Datacenters view

manage NAT IPs for private virtual datacenters

X

X

X

X

Manage

virtual datacenters

VPNs

VDC

MANAGE_

MANAGE

VPN

This privilege allows a user to manage

virtual datacenters (add, edit and delete). Without it, the virtual datacenter details are read only

VPNs

X

X

Manage

virtual appliances

classic firewalls

VDC

MANAGE_

MANAGE

CLASSIC_

VAPP

FIREWALLS

This privilege allows a user to manage

virtual appliances

classic firewalls (

add,

edit and delete)

X

X

for devices

X

Manage

virtual network elementsVDC_MANAGE_NETWORK

private IP reservations

MANAGE_PRIVATEIP_RESERVATION

This privilege allows a user to manage private

and public networks (add, edit and delete)X

IP reservations

X

Manage default virtual

storage elements

datacenter firewall

VDC

MANAGE_

MANAGE

DEFAULT_

STORAGE

FIREWALL

This privilege allows a user to

manage storage volumes (add, edit and delete)

Manage floating IPs

MANAGE_FLOATINGIPS

define a default virtual datacenter firewall

X

X

Manage enterprise datacenter default roles

VDC_MANAGE_DEFAULT_ROLE

This privilege allows a user to manage

floating IPs (add and deleteMANAGE_FIREWALLS

enterprise datacenter default roles (creation/edition)

X

X

Manage firewalls

Access public network tab

VDC_VIEW_PUBLIC_NETWORK

This privilege

allows a

gives the user

to manage firewalls (add, edit and delete) for virtual datacenters

access to public network resources in virtual infrastructure

X

X

X

X

Manage

load balancers

public network elements

VDC_MANAGE_

LOADBALANCERS

PUBLIC_NETWORK

This privilege allows a user to manage

load balancers (add, edit and delete) for virtual datacenters

public network resources in virtual infrastructure

X

X

X

X

Manage virtual storage controller

Access external network tab

VDC_

MANAGE

VIEW_

STORAGE

EXTERNAL_

CONTROLLER

NETWORK

This privilege

allows a

gives the user

to manage the controller of storage volumes

access to external network resources in virtual infrastructure

X

X

X

X

Manage

public IPsMANAGE_PUBLICIPS

external network elements

VDC_MANAGE_EXTERNAL_NETWORK

This privilege allows a user to manage

public IPs for private virtual datacentersVDC_

external network resources in virtual infrastructure

X

X

X

X

Modify allocation when attaching a disk

Manage availability sets

MANAGE_

STORAGE

AVAILABILITY_

DISK_ALLOCATION

SET

This privilege allows a user to

modify the allocation of disks before they are deployed to the hypervisor and specify allocation when attaching a new disk and it is not possible once the VM is deployed (disk already created/copied)

X

Manage NAT IPs

MANAGE_NATIPS

manage availability sets (add and delete) for virtual datacenters

X

X

Assign availability set to VM

ASSIGN_AVAILABILITY_SET

This privilege allows a user to

manage NAT IPs for private virtual datacentersManage VPNs

assign availability sets to virtual machine (create and edit VM)

X

X

X

Manage the bandwidth limit for NAT

MANAGE_

VPN

BANDWIDTHLIMIT_NAT

This privilege allows a user to manage

VPNsX

the bandwidth limit for NAT

X

Manage

classic firewalls

the bandwidth limit for public IPs

MANAGE_

CLASSIC

BANDWIDTHLIMIT_

FIREWALLS

PUBLIC

This privilege allows a user to manage

classic firewalls (edit and delete) for devices

the bandwidth limit for public IPs

X

Manage

private IP reservations

resource groups

MANAGE_

PRIVATEIP

RESOURCE_

RESERVATION

GROUP

This privilege allows a user to

manage private IP reservationsMANAGE_DEFAULT_FIREWALL

create resource groups

X

X

X

Manage default virtual datacenter firewall

Delete resource groups

DELETE_RESOURCE_GROUP

This privilege allows a user to

define a default virtual datacenter firewall

delete resource groups

X

X

X

Manage

enterprise datacenter default rolesVDC_

global networks

MANAGE_

DEFAULT

GLOBAL_

ROLE

NETWORK

This privilege allows a user to manage

enterprise datacenter default roles (creation/edition)VDC_VIEW_PUBLIC_NETWORK

global networks

X

X

X

Access public network tab

Update private MAC IP

UPDATE_MAC_IP

This privilege

gives the

allows a user

access to public network resources in virtual infrastructure

Manage public network elements

VDC_MANAGE_PUBLIC_NETWORK

This privilege allows a user to manage public network resources in virtual infrastructure

X

X

X

X

Access external network tab

VDC_VIEW_EXTERNAL_NETWORK

This privilege gives the user access to external network resources in virtual infrastructure

X

X

X

X

Manage external network elements

VDC_MANAGE_EXTERNAL_NETWORK

This privilege allows a user to manage external network resources in virtual infrastructure

to update private MAC IP

X

X

X

X

MANAGE_AVAILABILITY_SET
Virtual appliances privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Edit virtual appliance details

VAPP_CUSTOMISE_SETTINGS

This privilege allows a user to edit virtual appliance details (name, CPUs, etc.), go inside virtual appliances and view their details

X

X

X

X

Manage availability sets

Deploy and undeploy virtual appliances

VAPP_DEPLOY_UNDEPLOY

This privilege allows a user to

manage availability sets (add and delete) for virtual datacentersASSIGN_AVAILABILITY_SET

deploy/undeploy virtual appliances

X

X

X

Assign availability set to VM

Perform virtual machine actions

VAPP_PERFORM_ACTIONS

This privilege allows a user to

assign availability sets to

perform virtual machine

(create and edit VM)MANAGE_BANDWIDTHLIMIT_NAT

actions (power on/off, pause, reboot, remote access)

X

X

X

Manage the bandwidth limit for NAT

Create instance

VAPP_CREATE_INSTANCE

This privilege allows a user to

manage the bandwidth limit for NAT

X

Manage the bandwidth limit for public IPs

MANAGE_BANDWIDTHLIMIT_PUBLIC

This privilege allows a user to manage the bandwidth limit for public IPs

create instance templates of a virtual machine within a virtual appliance

X

X

X

Manage

resource groups

virtual machine hard disks

MANAGE_

RESOURCE

HARD_

GROUP

DISKS

This privilege allows a user

to create resource groups

Delete resource groups

DELETE_RESOURCE_GROUP

to access the virtual machine hard disk tab and manage hard disks (add and delete)

X

X

X

Manage layers

VAPP_MANAGE_LAYERS

This privilege allows a user to

delete resource groups

manage anti-affinity layers in virtual appliances (create, edit and delete layers)

X

X

X

Manage

global networks

virtual machine backup configuration

VAPP_MANAGE_

GLOBAL_NETWORK

BACKUP

This privilege allows a user to

manage global networksUPDATE_MAC_IP

access the backup configuration at virtual machine level and set the backup type and contents

X

X

X

Update private MAC IP

Manage virtual machine backup schedule

VAPP_DEFINE_BACKUP_INFO

This privilege allows a user to

update private MAC IP

X

Virtual appliances privileges

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Edit virtual appliance details

VAPP_CUSTOMISE_SETTINGS

specify an additional option for backup configuration by setting backup dates and times

X

Delete unknown virtual machines

VAPP_DELETE_UNKNOWN_VM

This privilege allows a user to

edit virtual appliance details (name, CPUs, etc.), go inside virtual appliances and view their details

X

X

X

Deploy and undeploy virtual appliances

VAPP_DEPLOY_UNDEPLOY

delete virtual machines in unknown state

X

Assign firewalls to virtual machines

ASSIGN_FIREWALLS

This privilege allows a user

to deploy/undeploy virtual appliances

to assign already created firewalls to virtual machines

X

X

X

Perform

Manage virtual machine

actions

backup disks

VAPP_

PERFORM

MANAGE_BACKUP_

ACTIONS

DISKS

This privilege allows a user to

perform virtual machine actions (power on/off, pause, reboot, remote access

Manage persistent templates

VAPP_CREATE_STATEFUL

specify disks and disk backup types (snapshot and complete)

X

X

X

Assign load balancers

ASSIGN_LOADBALANCERS

This privilege allows a user to

manage persistent virtual machine templates (create in VApp; create, edit and delete in virtual datacenter)

assign load balancers

X

X

Manage virtual machine metrics

USERS_ENABLE_DISABLE_VM_METRICS

This privilege allows a user to activate monitoring of virtual machines

X

X

X

Create instance

Access metrics

VAPP

USERS_

CREATE

SHOW_

INSTANCE

METRICS

This privilege allows a user to

create instance templates of a virtual machine within a virtual appliance

manage monitoring

X

X

X

X

Manage

Restore virtual machine

hard disks

backups

MANAGE

VAPP_

HARD

RESTORE_

DISKS

BACKUP

This privilege allows a user to

access the virtual machine hard disk tab and manage hard disks (add and delete)

X

X

Manage layers

VAPP_MANAGE_LAYERS

restore virtual machine backups

X

X

Protect/unprotect virtual machines

VM_PROTECT_ACTION

This privilege allows a user to protect/unprotect a virtual machine

X

Consume virtual appliance specs

CONSUME_VAPP_SPEC

This privilege allows a user to

manage anti-affinity layers in virtual appliances (create, edit and delete layers)Manage

consume virtual appliance specs

X

X

X

Override virtual machine

backup configurationVAPP_MANAGE_BACKUP

constraints

VM_EXCEED_CPU_RAM

This privilege allows a user to

access the backup configuration at

modify virtual machine

level and set the backup type and contents

CPU and RAM to values outside the maximum and minimum values defined in the virtual machine template

X

Manage

Edit virtual machine

backup schedule

details

VAPP

VM_

DEFINE

EDIT_

BACKUP

CPU_

INFO

RAM

This privilege allows a user to

specify an additional option for backup configuration by setting backup dates and times

X

Manage workflow tasks

WORKFLOW_OVERRIDE

This privilege allows a user to start or cancel queued tasks if workflow is enabled

X

X

Delete unknown virtual machines

VAPP_DELETE_UNKNOWN_VM

This privilege allows a user to delete virtual machines in unknown state

X

Assign firewalls to virtual machines

ASSIGN_FIREWALLS

edit virtual machine details (CPU and RAM)

X

X

X

Retrieve default template credentials

VM_CHECK_USER_PASSWORD

This privilege allows a user to retrieve the default user and password of a template

X

Relocate a VM to a compatible host

VM_RELOCATE

This privilege allows a user to

assign already created firewalls to virtual machines

Access persistent templates view

VAPP_STATEFUL_VIEW

relocate a VM to a compatible host

X

X

Attach NICs in restricted networks to VMs

VM_ATTACH_NIC

This privilege allows a user to

access the persistent virtual machine templates view

X

X

attach NICs in restricted networks

X

Detach NICs in restricted networks from VMs

VM_DETACH_NIC

This privilege allows a user to detach NICs in restricted networks

X

Manage

virtual machine backup disksVAPP_

scaling groups

MANAGE_

BACKUP

SCALING_

DISKS

GROUPS

This privilege allows a user to

specify disks and disk backup types (snapshot and complete

Assign load balancers

ASSIGN_LOADBALANCERS

manage scaling groups (add, edit and delete)

X

X

Manage virtual machine ISO disks

MANAGE_ISO

This privilege allows a user to

assign load balancers

manage ISO disks in virtual machines (add, edit and delete)

X

X

Manage virtual machine metrics

USERS_ENABLE_DISABLE_VM_METRICS

Manage restricted VApps and VMs

VAPP_RESTRICTED_MANAGE

This privilege allows a user to

activate monitoring of virtual machines

Access metrics

USERS_SHOW_METRICS

manage restricted VApps and VMs

X

X

X

View restricted VApps and VMs

VAPP_RESTRICTED_VIEW

This privilege allows a user to

manage monitoring

view restricted VApps and VMs

X

X

X

X

Restore virtual machine backups

VAPP_RESTORE_BACKUP

Restrict VM

VM_RESTRICT

This privilege allows a user to

restore virtual machine backupsVM_PROTECT_ACTION

restrict VMs

X

X

Protect/unprotect virtual machines

Move VMs

MANAGE_MOVE_VM

This privilege allows

a user to protect/unprotect a virtual machineCONSUME_VAPP_SPEC

a user to move VMs between VDCs

X

Consume virtual appliance specs

Retrieve virtual machine initial password

VM_RETRIEVE_INITIAL_PASSWORD

This privilege allows a user to

consume virtual appliance specs

retrieve the initial password of a virtual machine

X

Override virtual machine constraints

Assign public IPs to VMs

VM_

EXCEED

ASSIGN_

CPU

PUBLIC_

RAM

IP

This privilege allows a user to

modify virtual machine CPU and RAM to values outside the maximum and minimum values defined in the virtual machine template

X

Edit virtual machine details

VM_EDIT_CPU_RAM

assign public IPs to VMs

X

X

X

X

Assign external IPs to VMs

VM_ASSIGN_EXTERNAL_IP

This privilege allows a user to

edit virtual machine details (CPU and RAM)

assign external IPs to VMs

X

X

X

X

Retrieve default template credentials

Reset VM guest password

VM_

CHECK

RESET_

USER

GUEST_PASSWORD

This privilege allows a user to

retrieve

reset the

default user and

initial password of a

templateSCALING_GROUP

virtual machine

X

Relocate a VM to a compatible host

VM_RELOCATE

This privilege allows a user to relocate a VM to a compatible host

X

Manage workflow for scaling groups

Manage VM disaster recovery protection

VM_MANAGE_

WORKFLOW

DRAAS

This privilege allows a user to enable or disable

workflow for scaling groups.VM_ATTACH_NIC

disaster recovery protection for VMs

X

Attach NICs in restricted networks to VMs

X

Manage VM snapshots

MANAGE_SNAPSHOT

This privilege allows a user to

attach NICs in restricted networks

X

Detach NICs in restricted networks from VMs

VM_DETACH_NIC

create, delete, and revert VM snapshots

X

X

View enterprise snapshots list

VIEW_ENTERPRISE_SNAPSHOTS_LIST

This privilege allows a user to

detach NICs in restricted networks

view the enterprise’s VM snapshots list

X

X

Manage

scaling groupsMANAGE_SCALING_GROUPS

snapshot auto delete function

USERS_ENABLE_DISABLE_SNAPSHOT_AUTODELETE

This privilege allows a user to

manage scaling groups (add, edit and delete)

enable snapshot auto deletion

X

X

Manage

virtual machine ISO disksMANAGE_ISO

snapshot auto delete expiration date

USERS_MANAGE_SNAPSHOT_AUTODELETE

This privilege allows a user to

manage ISO disks in virtual machines (add, edit and delete)

X

Manage restricted VApps and VMs

VAPP_RESTRICTED_MANAGE

This privilege allows a user to manage restricted VApps and VMs

X

View restricted VApps and VMs

VAPP_RESTRICTED_VIEW

This privilege allows a user to view restricted VApps and VMs

X

Restrict VM

VM_RESTRICT

This privilege allows a user to restrict VMs

X

Move VMs

MANAGE_MOVE_VM

This privilege allows a user to move VMs between VDCs

X

Retrieve virtual machine initial password

VM_RETRIEVE_INITIAL_PASSWORD

specify the snapshot auto deletion expire date

X

X

Catalogue privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Catalogue view

APPLIB_VIEW

This privilege allows a user to

retrieve the initial password of a virtual machine

access the Catalogue view

X

Assign public IPs to VMs

X

VM_ASSIGN_PUBLIC_IP

Manage VM templates from Catalogue

APPLIB_ALLOW_MODIFY

This privilege allows a user to

assign public IPs to VMs

Assign external IPs to VMs

VM_ASSIGN_EXTERNAL_IP

view the Catalogue contents, modify virtual machine templates (download from remote repositories, edit and delete) and promote instances

X

X

X

X

Upload virtual machine template

APPLIB_UPLOAD_IMAGE

This privilege allows a user to

assign external IPs to VMsVM_RESET_GUEST_PASSWORD

upload virtual machine templates from a local file into the Catalogue

X

X

X

X

Reset VM guest password

Manage repository

APPLIB_MANAGE_REPOSITORY

This privilege allows a user to

reset the initial password of a virtual machine

X

Manage VM disaster recovery protection

VM_MANAGE_DRAAS

manage repositories (add and delete repositories)

X

X

Download virtual machine template

APPLIB_DOWNLOAD_IMAGE

This privilege allows a user

to enable or disable disaster recovery protection for VMs

to download virtual machine templates from the Catalogue to their hard disk

X

X

Manage VM

snapshots

template categories

APPLIB_MANAGE_

SNAPSHOT

CATEGORIES

This privilege allows a user

to create, delete, and revert VM snapshotsVIEW_ENTERPRISE_SNAPSHOTS_LIST

to manage categories of virtual machine templates that belong to their enterprise (add and delete)

X

X

View enterprise snapshots list

Manage VM template global categories

APPLIB_MANAGE_GLOBAL_CATEGORIES

This privilege allows a user

to view the enterprise’s VM snapshots list

X

X

Manage snapshot auto delete function

USERS_ENABLE_DISABLE_SNAPSHOT_AUTODELETE

to manage categories of virtual machine templates that are common and available to all enterprises (add and delete)

X

Display datacenter capacity and free space

APPLIB_SHOW_DC_CAPACITY

This privilege allows a user to

enable snapshot auto deletion

X

X

Manage snapshot auto delete expiration date

USERS_MANAGE_SNAPSHOT_AUTODELETE

view the capacity and remaining space of a datacenter

X

Export a virtual machine template to datacenter

APPLIB_EXPORT_TO_PRIVATE

This privilege allows a user

to specify the snapshot auto deletion expire date

X

X

Catalogue privileges

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Catalogue view

APPLIB_VIEW

to export a virtual machine template to another private datacenter.

X

Export a virtual machine template to public cloud region

APPLIB_EXPORT_TO_PUBLIC

This privilege allows a user to export a virtual machine template to another public cloud region.

X

Manage virtual appliance specs

MANAGE_VAPP_SPEC

This privilege allows a user to manage virtual appliance specs (add and edit)

X

Download VM templates from remote repository

APPLIB_DOWNLOAD_FROM_REMOTE_REPOSITORY

This privilege allows a user to

access the Catalogue view

download virtual machine templates from remote repositories

X

X

Manage VM templates from Catalogue

Specify allocation of template disks

APPLIB_

ALLOW

DISK_

MODIFY

ALLOCATION

This privilege allows a user to

view the Catalogue contents, modify virtual machine templates (download from remote repositories, edit and delete) and promote instances

specify the allocation of template disks

X

X

Upload

Accept virtual machine template terms of use

APPLIB_

UPLOAD

ACCEPT_IMAGE_TERMS

This privilege allows a user to

upload

accept virtual machine

templates from a local file into the Catalogue

template terms of use

X

X

Manage

repository

script templates

APPLIB

MANAGE_

MANAGE

SCRIPT_

REPOSITORY

TEMPLATES

This privilege allows a user to manage

repositories

script templates (add, edit and delete

repositories

)

X

X

Download

Add a script template to a virtual machine template

APPLIB

SCRIPT_

DOWNLOAD_IMAGE

This privilege allows a user to download virtual machine templates from the Catalogue to their hard disk

X

X

Manage VM template categories

APPLIB_MANAGE_CATEGORIES

TEMPLATE_ATTACH_TO_APPLIB

This privilege allows a user

to manage categories of virtual machine templates that belong to their enterprise (add and delete)

X

X

Manage VM template global categories

APPLIB_MANAGE_GLOBAL_CATEGORIES

This privilege allows a user to manage categories of virtual machine templates that are common and available to all enterprises (add and delete)

X

Display datacenter capacity and free space

APPLIB_SHOW_DC_CAPACITY

This privilege allows a user to view the capacity and remaining space of a datacenter

X

Export a virtual machine template to datacenter

APPLIB_EXPORT_TO_PRIVATE

attach an script template to a virtual machine template

X

Users privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Users view

USERS_VIEW

This privilege allows a user to

export a virtual machine template to another private datacenter.

X

Export a virtual machine template to public cloud region

APPLIB_EXPORT_TO_PUBLIC

access the Users view

X

X

Manage enterprises

USERS_MANAGE_ENTERPRISE

This privilege allows a user to

export a virtual machine template to another public cloud region.

manage enterprises (add, edit and delete)

X

Manage

virtual appliance specs

users

USERS_MANAGE_

VAPP_SPEC

USERS

This privilege allows a user to manage

virtual appliance specs

users (add, edit and

editAPPLIB_DOWNLOAD_FROM_REMOTE_REPOSITORY

delete)

X

Download VM templates from remote repository

X

Manage users of all enterprises

USERS_MANAGE_OTHER_ENTERPRISES

This privilege allows a user to

download virtual machine templates from remote repositories

X

X

Specify allocation of template disks

APPLIB_DISK_ALLOCATION

This privilege allows a user to specify the allocation of template disks

X

Accept virtual machine template terms of use

APPLIB_ACCEPT_IMAGE_TERMS

manage users of more than one enterprise and move users between enterprises. Without it, the Enterprise list is not shown in Users view

X

No VDC restriction

USERS_PROHIBIT_VDC_RESTRICTION

Normally a user within an enterprise can have a list of VDCs assigned and these will be the only VDCs that they will be able to display. Setting this privilege exempts a user from having their VDC list restricted and they will be able to display all VDCs in their enterprise

X

X

Access Roles and Scope screens

USERS_VIEW_PRIVILEGES

This privilege allows a user to

accept virtual machine template terms of use
Users privileges

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Users view

USERS_VIEW

access the Roles and Scopes screen

X

X

Manage roles

USERS_MANAGE_ROLES

This privilege allows a user to manage roles (add, edit and delete roles; modify privileges assigned to roles; assign scopes to roles)

X

Associate role with enterprise

USERS_MANAGE_ROLES_OTHER_ENTERPRISES

This privilege allows a user to associate a role with any enterprise

X

Manage global role

USERS_MANAGE_SYSTEM_ROLES

This privilege allows a user to manage roles that are common and available to all enterprises, rather than being constrained to a single enterprise

X

Display connected users

USERS_ENUMERATE_CONNECTED

This privilege allows a user to

access the Users view

display connected users

X

X

Manage enterprises

Define enterprise manager

USERS_

MANAGE

DEFINE_AS_

ENTERPRISE

MANAGER

This privilege

allows a user to manage enterprises (add, edit and delete)

defines a user as an enterprise manager. Enterprise managers receive physical machine notification emails

X

X

Manage

users

Chef enterprises

USERS_MANAGE_CHEF_

USERS

ENTERPRISE

This privilege allows a user to

manage users (add, edit and delete)X

enable and manage Chef for enterprises

X

Manage

users of all enterprises

scopes

USERS_MANAGE_

OTHER_ENTERPRISES

SCOPES

This privilege allows a user to manage

users of more than one enterprise and move users between enterprises. Without it, the Enterprise list is not shown in Users view

X

No VDC restriction

USERS_PROHIBIT_VDC_RESTRICTION

Normally a user within an enterprise can have a list of VDCs assigned and these will be the only VDCs that they will be able to see. Setting this privilege exempts a user from having their VDC list restricted and they will be able to see all VDCs in their enterprise

X

X

Access Roles and Scope screens

USERS_VIEW_PRIVILEGES

scopes (add, edit and delete scopes)

X

Manage enterprise reserved servers

USERS_MANAGE_RESERVED_MACHINES

This privilege allows a user to manage reserved servers at enterprise level

X

Allow user to push own metrics

USERS_PUSH_METRICS

This privilege allows a user to

access the Roles and Scopes screen

push their own metrics

X

X

X

Manage

roles

provider credentials

USERS_MANAGE_

ROLES

CREDENTIALS

This privilege allows a user to manage

roles

provider credentials (add

, edit

and delete

roles; modify privileges assigned to roles; assign scopes to roles

)

X

Associate role with enterprise

Manage user applications

USERS_MANAGE_

ROLES_OTHER_ENTERPRISES

APPLICATIONS

This privilege allows a user to

associate a role with any enterprise

manage applications (add and delete)

X

Manage

global role

reseller enterprises

USERS

ENTERPRISE_MANAGE_

SYSTEM_ROLES

RESELLER

This privilege allows a user to manage

roles that are common and available to all enterprises, rather than being constrained to a single enterpriseUSERS_ENUMERATE_CONNECTED

resellers

X

Display connected users

Manage key node enterprises

ENTERPRISE_MANAGE_KEY_NODE

This privilege allows a user to

display connected users

manage aggregation nodes

X

Define

Manage enterprise

manager

properties

USERS

ENTERPRISE_

DEFINE

MANAGE_

AS_MANAGER

PROPERTIES

This privilege

defines

allows a user

as an enterprise manager. Enterprise managers receive physical machine notification emails

Manage Chef enterprises

USERS_MANAGE_CHEF_ENTERPRISE

to manage enterprise properties

X

X

Manage user allowed CIDRs

MANAGE_USER_CIDR_ACCESS

This privilege allows a user to

enable and

manage

Chef

allowed CIDRs for

enterprises

users

X

Manage

scopes

virtual datacenter roles

USERS_MANAGE_

SCOPES

VDC_ROLES

This privilege allows a user to manage

scopes (add, edit and delete scopes

virtual datacenter roles (select default role, define user exceptions)

X

Manage

enterprise reserved serversUSERS_

role and scope allowed CIDRs

MANAGE_

RESERVED_MACHINES

This privilege allows a user to manage reserved servers at enterprise level

X

Modify enterprise theme

USERS_MANAGE_ENTERPRISE_BRANDING

ROLE_AND_SCOPE_CIDR_ACCESS

This privilege allows

a user to manage enterprise branding (select a specific theme for an enterprise)

X

Allow user to push own metrics

USERS_PUSH_METRICS

a user to manage allowed CIDRs for roles and scopes

X

Manage mail server for reseller

ENTERPRISE_MANAGE_SERVER_MAIL

This privilege allows a user to

push their own metrics

X

X

manage server mail for resellers

X

Manage user creation in provider

credentials

USERS_MANAGE_CREDENTIALS

ENTERPRISE_CREATE_USER_IN_PROVIDER

This privilege allows a user to manage user creation in a provider

credentials (add and deleteUSERS_MANAGE_APPLICATIONS

(in credentials list)

X

Manage user applications

X

Access user metadata (dashboards)

USERS_VIEW_USERS_METADATA

This privilege allows a user to

manage applications (add and delete

access users metadata (dashboards)

X

Manage

reseller enterprisesENTERPRISE

user metadata (dashboards)

USERS_MANAGE_USERS_

RESELLER

METADATA

This privilege allows a user to manage

resellers

users metadata (dashboards)

X

Manage key node enterprises

ENTERPRISE_MANAGE_KEY_NODE

Access enterprise metadata (dashboards)

USERS_VIEW_ENTERPRISE_METADATA

This privilege allows a user to

manage aggregation nodes

access enterprise metadata (dashboards)

X

Manage enterprise

propertiesENTERPRISE

metadata (dashboards)

USERS_MANAGE_ENTERPRISE_

PROPERTIES

METADATA

This privilege allows a user to manage enterprise

properties

metadata (dashboards)

X

Manage

user allowed CIDRsMANAGE_USER_CIDR_ACCESS

default themes

USERS_MANAGE_THEMES

This privilege allows

a

the user to manage

allowed CIDRs for users

the default theme for the platform (only one will be active)

X

Manage

virtual datacenter roles

reseller themes

USERS_MANAGE_

VDC

RESELLER_

ROLES

THEMES

This privilege allows

a

the user to manage

virtual datacenter roles (select default role, define user exceptions

themes for resellers and their customers (only one active)

X

Access budgets section

BUDGET_VIEW

Manage theme login configuration

USERS_MANAGE_THEME_LOGIN_CONFIG

This privilege allows

a

the user to

access the budgets section

manage the theme login css configuration

X

Manage

budgetsBUDGET

organizational units

ORGANIZATIONAL_UNITS_MANAGE

This privilege allows a user to manage

budgets (create, edit and delete)

X

Manage role and scope allowed CIDRs

MANAGE_ROLE_AND_SCOPE_CIDR_ACCESS

This privilege allows a user to manage allowed CIDRs for roles and scopes

X

Manage mail server for reseller

ENTERPRISE_MANAGE_SERVER_MAIL

This privilege allows a user to manage server mail for resellers

X

Manage user creation in provider

ENTERPRISE_CREATE_USER_IN_PROVIDER

This privilege allows a user to manage user creation in a provider (in credentials list)

X

X

Access user metadata (dashboards)

USERS_VIEW_USERS_METADATA

organizational units

X

X

Pricing privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Pricing view

PRICING_VIEW

This privilege allows a user to access

users metadata (dashboards)

the Pricing view

X

Manage

user metadata (dashboards)USERS

pricing

PRICING_MANAGE

_USERS_METADATA

This privilege allows a user to manage

users metadata (dashboards)

X

Access enterprise metadata (dashboards)

USERS_VIEW_ENTERPRISE_METADATA

This privilege allows a user to access enterprise metadata (dashboards

pricing components (add, edit and delete currencies, pricing models and extra charges)

X

Manage

enterprise metadata (dashboards)USERS_

pricing credentials

MANAGE_

ENTERPRISE

PRICING_

METADATA

CREDENTIALS

This privilege allows a user to manage

enterprise metadata (dashboards)

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Pricing view

PRICING

pricing credentials

X

X

Pricing privileges

Generate billing

RUN_BILLING

This privilege allows a user to generate billings

X

X

Manage hardware profile extra charges

COST_CODE_MANAGE_HARDWARE_PROFILE

This privilege allows a user to manage hardware profile extra charges

X

X

Manage virtual machine extra charges

COST_CODE_MANAGE_VIRTUAL_MACHINE

This privilege allows a user to manage virtual machine extra charges

X

X

Manage virtual machine template extra charges

COST_CODE_MANAGE_VIRTUAL_MACHINE_TEMPLATE

This privilege allows a user to manage virtual machine template extra charges

X

X

View price factors

PRICE_FACTOR_VIEW

This privilege allows a user to access the

Pricing

Price factors view

X

Manage

pricingPRICING

price factors

PRICE_FACTOR_MANAGE

This privilege allows a user to manage

pricing components (add, edit and delete currencies, pricing models and extra charges)

price factors

X

Manage

pricing credentialsMANAGE_PRICING_CREDENTIALS

enterprise products

COST_CODE_MANAGE_ENTERPRISE

This privilege allows a user to manage enterpirse products

X

X

View enterprise products

COST_CODE_VIEW_ENTERPRISE

This privilege allows a user to

manage pricing credentials

view enteprise products

X

X

Generate billing

RUN_BILLING

View hardware profile extra charges

COST_CODE_VIEW_HARDWARE_PROFILE

This privilege allows a user to

generate billings

view hardware profile extra charges

X

X

Manage hardware profile

View virtual machine extra charges

COST_CODE_

MANAGE

VIEW_

HARDWARE

VIRTUAL_

PROFILE

MACHINE

This privilege allows a user to

manage hardware profile

view virtual machine extra charges

X

X

Manage

View virtual machine template extra charges

COST_CODE_

MANAGE

VIEW_VIRTUAL_MACHINE_TEMPLATE

This privilege allows a user to

manage virtual machine extra charges

view virtual machine template extra charges

X

X

Regenerate billing

PRICING_REGENERATE

This privilege allows a user to regenerate billing for a pricing model

X

X

Manage virtual machine template

Remove one-time extra charges from entities

COST_CODE_

MANAGE

REMOVE_

VIRTUAL

ONE_

MACHINE_TEMPLATE

TIME

This privilege allows a user to

manage virtual machine template

remove one-time extra charges from entities

X

X

Events privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Display all events for current enterprise

EVENTLOG_VIEW_ENTERPRISE

This privilege allows a user to display all events related to the current enterprise

X

X

X

X

Display all events

EVENTLOG_VIEW_ALL

This privilege allows a user to display all events

X

Control privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege___________________

Application Tag

Privilege

_________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access alarms section

USERS_VIEW_ALARMS

This privilege allows a user to access the alarms sections

X

Manage alarms

USERS_MANAGE_ALARMS

This privilege allows a user to manage alarms (create, edit and delete)

X

Access alerts section

USERS_VIEW_ALERTS

This privilege allows a user to access the alerts sections

X

Manage alerts

USERS_MANAGE_ALERTS

This privilege allows a user to manage alerts (create, edit and delete)

X

Access action plans, schedule and alert trigger tabs

ACTION_

__________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access alarms section

USERS_VIEW_ALARMS

PLAN_VIEW

This privilege allows a user to access the Action plans, the Schedule and Alert trigger tabs

X

Manage action plans and task schedules

ACTION_PLAN_MANAGE

This privilege allows a user to manage action plans, schedule and alert triggers

X

Access budgets section

BUDGET_VIEW

This privilege allows a user to access the

alarms sections

budgets section

X

Manage

alarms

budgets

USERS

BUDGET_MANAGE

_ALARMS

This privilege allows a user to manage

alarms

budgets (create, edit and delete)

X

View enterprise hierarchy

ENTERPRISE_VIEW_HIERARCHY

This privilege allows the user to display the enterprises in a hierarchy

X

Access

alerts sectionUSERS

resource tags tabs and resource tags management view

TAGS_VIEW

_ALERTS

This privilege allows

a user to access the alerts sections

the user to display the Tags tab of resources and the Tags management view

X

Manage

alertsUSERS

tags for compatible resources

TAGS_MANAGE

_ALERTS

This privilege allows

a

the user to manage

alerts (create

tags for compatible resources (add, edit, synchronize and delete)

X

Access

action plans, schedule and alert trigger tabsACTION_PLAN

tag policies view

TAG_POLICIES_VIEW

This privilege allows

a user to access

the

Action plans, the Schedule and Alert trigger tabs

X

Manage action plans and task schedules

ACTION_PLAN_MANAGE

This privilege allows a user to manage action plans, schedule and alert triggers

X

View enterprise hierarchy

ENTERPRISE_VIEW_HIERARCHY

user to display tag policies view

X

Manage tag policies

TAG_POLICIES_MANAGE

This privilege allows the user to

display the enterprises in a hierarchy

X

Access resource tags tabs and resource tags management view

TAGS_VIEW

manage tag policies (add, edit and delete)

X

Manage cost usage report files

USERS_MANAGE_COSTUSAGE_REPORTS_FILES

This privilege allows

the user to display the Tags tab of resources and the Tags management view

a user to manage cost usage report files (create, edit and delete)

X

X

Manage

tags for compatible resourcesTAGS_MANAGE

cost usage report filters

USERS_MANAGE_COSTUSAGE_REPORTS_FILTERS

This privilege allows

the

a user to manage

tags for compatible resources (add

cost usage report filters (create, edit

, synchronize TAG_POLICIES_MANAGE

and delete)

X

Access tag policies view

TAG_POLICIES_VIEW

This privilege allows the user to display tag policies view

X

Manage tag policies

X

Schedule to generate cost usage CSV files

USERS_SCHEDULE_COSTUSAGE_REPORTS_FILTERS

This privilege allows

the user to manage tag policies (add, edit and delete)

a user to generate CSV files of cost usage reports

X

X

System configuration privileges

 

 

 

 

 

 

 

GUI Label _________________

Application Tag

Privilege____________________________________

Cloud Admin

Ent Admin

Ent User

Ent Viewer

Info

Access Configuration view

SYSCONFIG_VIEW

This privilege allows a user to access the Configuration view

X

Modify configuration data

SYSCONFIG_ALLOW_MODIFY

This privilege allows a user to edit all system-wide configuration settings

X

Allow access to reports

SYSCONFIG_SHOW_REPORTS

This privilege allows a user to access external reports by clicking the Reports button. The button will only be visible if the 'Reports URL' system property is not empty (Configuration -> System Properties -> General -> Reports URL)

X

Manage default dashboards

SYSCONFIG_MANAGE_DEFAULT_DASHBOARDS

This privilege allows a user to manage default dashboards

X

Key to info column of privileges table

...