User assigned the Service Broker Viewer role in Aria Automation under Identity & Access Management can view all Day 2 actions for deployments.
search cancel

User assigned the Service Broker Viewer role in Aria Automation under Identity & Access Management can view all Day 2 actions for deployments.

book

Article ID: 397853

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

Users or groups with the Service Broker Viewer role are able to perform all Day 2 actions, such as Add Disk, Power Off, and Delete etc.

Environment

VMware Aria Automation 8.18.x

Cause

When a user or group associated with a project has all roles assigned as shown below, they must have access to all Day 2 actions for the deployments.





Resolution

In order to restrict the permissions, please follow the steps below.

  • Go to Assembler > Infrastructure > Projects
  • Check which projects have the respective users and groups added
  • Open the specific project and go to the "Users" section
  • Remove all roles and retain only the "Viewer" role at the project level and click "Save", as illustrated below



  • After the changes, the user will no longer see any Day 2 actions available and will have read-only access.
Powered by Wolken Software