7.3
Table Of Contents
- Foundations and Concepts
- Contents
- Foundations and Concepts
- Updated Information
- Foundations and Concepts
- Using Scenarios
- Using the Goal Navigator
- Introducing vRealize Automation
- Tenancy and User Roles
- Service Catalog
- Infrastructure as a Service
- XaaS Blueprints and Resource Actions
- Common Components
- Life Cycle Extensibility
- vRealize Automation Extensibility Options
- Leveraging Existing and Future Infrastructure
- Configuring Business-Relevant Services
- Extending vRealize Automation with Event-Based Workflows
- Integrating with Third-Party Management Systems
- Adding New IT Services and Creating New Actions
- Calling vRealize Automation Services from External Applications
- Distributed Execution
Table 2‑1. Tenant Configuration (Continued)
Configuration Area Description
Notification providers System administrators can configure global email servers that process email
notifications. Tenant administrators can override the system default servers, or add
their own servers if no global servers are specified.
Business policies Administrators in each tenant can configure business policies such as approval
workflows and entitlements. Business policies are always specific to a tenant.
Service catalog offerings Service architects can create and publish catalog items to the service catalog and
assign them to service categories. Services and catalog items are always specific to a
tenant.
Infrastructure resources The underlying infrastructure fabric resources, for example, vCenter servers, Amazon
AWS accounts, or Cisco UCS pools, are shared among all tenants. For each
infrastructure source that vRealize Automation manages, a portion of its compute
resources can be reserved for users in a specific tenant to use.
About the Default Tenant
When the system administrator configures an Active Directory link using Directories management during
the installation of vRealize Automation, a default tenant is created with the built-in system administrator
account to log in to the vRealize Automation console. The system administrator can then configure the
default tenant and create additional tenants.
The default tenant supports all of the functions described in Tenant Configuration. In the default tenant,
the system administrator can also manage system-wide configuration, including global system defaults for
branding and notifications, and monitor system logs.
User and Group Management
All user authentication is handled by Active Directory links that are configured through Directories
Management. Each tenant has one or more Active Directory links that provide authentication on a user or
group level.
The root system administrator performs the initial configuration of single sign-on and basic tenant creation
and setup, including designating at least one tenant administrator for each tenant. Thereafter, a tenant
administrator can configure Active Directory links and assign roles to users or groups as needed from
within their designated tenant.
Tenant administrators can also create custom groups within their own tenants and add users and groups
to those groups. Custom groups can be assigned roles or designated as the approvers in an approval
policy.
Tenant administrators can also create business groups within their tenants. A business group is a set of
users, often corresponding to a line of business, department or other organizational unit, that can be
associated with a set of catalog services and infrastructure resources. Users and custom groups can be
added to business groups.
Foundations and Concepts
VMware, Inc. 16