How to Assign Organization and Service Roles
search cancel

How to Assign Organization and Service Roles

book

Article ID: 413403

calendar_today

Updated On:

Products

VMware Cloud on AWS VMware Live Recovery

Issue/Introduction

Organization members are assigned organization roles and service roles. As an organization owner, you can change both kinds of role assignments for members of your organization.

Organization roles specify the privileges that an organization member has over organization assets.

Service roles specify the privileges that an organization member has when accessing VMware Cloud Services that the organization uses.

All service roles can be assigned and changed by a user with organization owner privileges.

Environment

  • VMware Cloud on AWS
  • VMware Live Recovery

Resolution

Organization Owners will have access to the IAM (Identity & Access Management) page via the left-hand navigation menu. 

From here they can:

  • Manage user permissions from the Users tile.
  • Manage OAuth Apps from the OAuth Apps tile.
  • Manage user permission requests via the Governance tile.

 

Users

The 'Users' tile will display Active Users, Pending Invitations, and will also give the ability to Add & Remove Users from the Organization.

Add Users

1. To add a user, click the “Add Users” button. 

  • Add a single email address or a comma-separated to add bulk users.
  • Assign Organization Roles.
  • Assign Additional Roles (Developer) with an expiration if required.
  • Assign Service Roles using the role dropdown menu.

2. Click the “Add” button, then “Add Users”.

3. If the added user already has a profile in the Broadcom Cloud Console, they will automatically be added to the Organization and will appear under the 'Active Users' tab.

4. If the added user does not have a profile in the Broadcom Cloud Console, they will appear under the 'Pending Invitations' tab. From here, you can retrigger the invitation or revoke the pending invitation.

Note: Changes to IAM policy take up to 30 minutes to reflect. 

 

Governance

The Organization Owner can Approve or Reject a pending access request from the 'Governance' tile. 

  1. Log in to the Cloud Service Console.
  2. On the Top right corner, you will see a dropdown next to your name, click My Account.
  3. The assigned Organization & Service roles are displayed.
  4. The user will be able to view the Request Role option on the right.
  5. Click Request Role, and you will be able to check which role you are eligible to request. For example, an Organization Member will see the option to request a role for Organization Owner & Organization Administrator.
  6. Once requested, the Organization Owner will be able to view this request as pending under the 'Governance' tile >> Requests
  7. Organization Owner to click the edit option and approve/reject the request based on their requirement.



Powered by Wolken Software