• CPA role is introduced in NSX 4.2.2 specifically designed for Cloud partners that require access to Networking and Security services but must prevent access to the NSX License view.
• User with this predefined role assigned is expected to have access to Alarms and Events, however, this doesn't work.
• User is not able to view the alarms using the API(GET /api/v1/alarms). 
  {
    "httpStatus": "FORBIDDEN",
    "error_code": 401,
    "module_name": "common-services",
    "error_message": "User is not authorized to perform this operation on the application. Please contact the system administrator to get access."
}

NSX 4.2.x or 9.0

Cloud Partner Admin(CPA) Role is not added in alarm_framework's permissions and so users with CPA role assigned failed to access Alarms and Events.

The issue is planned to be resolved in NSX 4.2.4 and 9.0.1 or later.

There is no workaround supported.

Role-Based Access Control