Companies migrating onto the cloud have numerous users with various roles that manage the infrastructure. User Management on cloud is therefore a vital part. It allows you to create and manage user accounts. You can have identity and fine grained access control by assigning specific permissions to each user. In an organization, there can be employees performing different type of actions on the infrastructure. For example, the developers need to start/stop servers for code deployment or test, whereas the account managers might want to do a different task like viewing the bills. User management can aid you to give these exact permissions.
In vCloud Air, the Account Administrator has all the rights and privileges to create, manage, edit or delete the users. Hence in order to create a user for the VMware vCloud Air account, you must have Account Administrator access, an active email id and the role of the user.
Following are the steps for adding a new user in VMware vCloud Air:
1. Login to your vCloud Air Account as Administrator.
2. On top right corner, click on Tools and choose Users.
3. Click Add User on the top menu.
4. Enter the details of user like First Name, Last Name, Email and Confirm Email.
5. Now choose which role you want to give to the new user. There are 4 access control:
Account Administrator: This role gives full control of the account to the user. User can perform all actions on available resources in the vCloud Air account including user management and account settings.
Scenario – This role can be best fit for a CTO or COO who might need full access to the infrastructure.
Resource Management Roles: These roles allow you to provide access to specific resources only. There are two subtypes here:
Virtual Infrastructure Administrator – The user is permitted to manage assigned Virtual Data Centers (VDC) and all the Virtual Machines (VM) in it.
Scenario – The developers can be given privileges to handle virtual machines in vAPP and VDC. This will allow a team to manage VMs in a VDC and need not worry about the gateway or network settings for the same.
Network Administrator: The user with this role can manage network for assigned VDCs.
Scenario – Like the name suggests, this role is for the network administrators having a primary task to manage the network between VDCs, vAPPs or VMs.
Read-only Access: This role allows read only access to assigned VDCs and all VMs under it.
Scenario – This role might fit for a team member who is documenting or an architect who is reviewing entire infrastructure. Such a member will never go and start/stop servers or change NAT rules.
End User: This role permits the user to create and manage VMs in assigned VDCs.
Scenario – An intern might be appropriate example for this role. Assigning a VDC to all the interns and allowing them to manage their own VMs.
6. Choose the one of the above roles and click the Add User button. The user is created successfully.
The user will receive an activation mail with the user details and a unique activation link. Using this link the user can set a password for the account and thereby have access to it.
You can also perform following actions on the existing users:
Reset user password: To do this, right click on the user and choose Reset User Password option. You can also find this option on the top menu. This will send an email to the user with a link to reset the password.
Enable or Disable user account: To do this, right click on the user and choose Enable or Disable option. When enabled, the user can perform actions based on the assigned role. When disabled, the user cannot have access to the vCloud Air account.
Delete user account: You can delete an existing user by selecting Delete option either from the top menu or by right clicking the user.
In case you are new to VMware vCloud Air, you might want to have a look at our previous blog post here, where we compare the VMware vCloud Air services with Amazon Web Services.