2.5
Table Of Contents
- vCenter Chargeback Manager User’s Guide
- Contents
- About the User's Guide
- Introduction to vCenter Chargeback Manager
- Configuring Administration Settings
- Authenticating and Managing Users, Roles, and Permissions
- Resource Based Authorization in vCenter Chargeback Manager
- Permissions Defined in vCenter Chargeback Manager
- Managing Roles
- Managing Users
- vCenter Chargeback Manager User Authentication
- Managing Chargeback Hierarchies
- Creating a Chargeback Hierarchy
- Managing a Chargeback Hierarchy
- View a Chargeback Hierarchy
- Add a vCenter Chargeback Manager Entity
- Add a vCenter Server Entity
- Rename a Chargeback Hierarchy or a Chargeback Entity
- Delete an Entity from the Hierarchy
- Delete a Chargeback Hierarchy
- Assign Attributes
- Move Entities Within a Hierarchy
- Allocate Computing Resource Units for a Chargeback Entity
- Share Virtual Machine Cost
- Backdate a Chargeback Hierarchy
- View Properties of a vCenter Server Entity
- Managing and Configuring vCenter Chargeback Manager Cost Elements
- Generating Reports
- Monitoring System Health
- Administration Utilities
- Index
Assign a Role to a User for a Resource
A user can access a resource created in the application only if he has created it or has privileges to access it. A
user can be given privileges to access a resource by assigning a role to him for the required resource.
If a user is assigned the Super User role, then he can access any resource created in the application. If a user is
assigned the Administrator role, then he can also access the resources created by the users that he has created.
You can assign only a single role to a user for a given resource. If a user already has a role assigned to him for
a given resource, the same is removed and the new role is set on the user for the selected resource.
A user with the Super User role can assign any role on any resource to a user. A user with the Administrator
role can assign any of the system-defined roles, other than Super User and Administrator roles, and the custom
roles created by him. This user can assign the roles only to users created by him and on the resources he has
access to.
The role that users can assign to other users on a resource depends on:
n
The permissions that the user has on the resource.
n
The roles that the user has access to.
When you assign a role to a user for a resource, vCenter Chargeback Manager automatically assigns either the
Dependent Resource Update role or the Dependent Resource Read role to the user for the dependent resources.
Table 3-10 lists the resources in vCenter Chargeback Manager that have a dependent resource.
Table 3-10. Dependent resources in vCenter Chargeback Manager
Parent Resource Dependent Resources
Pricing Model Billing Policy and Fixed Cost
Cost Template Fixed Cost
Schedule Report
Automatic Report Scheduler Schedule
If you assign a role with update permission on the parent resource, then vCenter Chargeback Manager assigns
the Dependent Resource Update role to the user for the dependent resources. If you assign a role with only
read permission on the parent resource, then vCenter Chargeback Manager assigns the Dependent Resource
Read role to the user for the dependent resources.
For example, if you assign a role with only read permission to a user on a pricing model that you have created,
then the user automatically get read permission on the fixed costs defined in the pricing model.
NOTE If you assign a role to an LDAP group for a resource, then the LDAP users belonging to the LDAP group
will be assigned the same role on the resources. However, the LDAP user cannot perform any action on the
resources, if the LDAP group does not have at least read privileges on the various resource types at the vCenter
Chargeback Manager level.
Procedure
1 In the Users & Roles tab, click Permissions.
A page listing the users, their type, whether the user has the Super User role or the Administrator role,
and if the user is a vCenter Server user then the vCenter Server name or if the user is an LDAP user or
group then the IP address of the LDAP server is displayed. The page also provides an option to select a
resource type.
2 Select the required resource type from the list.
vCenter Chargeback Manager User’s Guide
52 VMware, Inc.