7.4
Table Of Contents
- Foundations and Concepts
- Contents
- Foundations and Concepts
- Foundations and Concepts
- Using Scenarios
- Using the Goal Navigator
- Introducing vRealize Automation
- Tenancy and User Roles
- Service Catalog
- Infrastructure as a Service
- XaaS Blueprints and Resource Actions
- Common Components
- Life Cycle Extensibility
- vRealize Automation Extensibility Options
- Leveraging Existing and Future Infrastructure
- Configuring Business-Relevant Services
- Extending vRealize Automation with Event-Based Workflows
- Integrating with Third-Party Management Systems
- Adding New IT Services and Creating New Actions
- Calling vRealize Automation Services from External Applications
- Distributed Execution
- Foundations and Concepts
Table 1. Tenant Configuration (Continued)
Configuration Area Description
Service catalog offerings Service architects can create and publish catalog items to the service catalog and
assign them to service categories. Services and catalog items are always specific to a
tenant.
Infrastructure resources The underlying infrastructure fabric resources, for example, vCenter servers, Amazon
AWS accounts, or Cisco UCS pools, are shared among all tenants. For each
infrastructure source that vRealize Automation manages, a portion of its compute
resources can be reserved for users in a specific tenant to use.
About the Default Tenant
When the system administrator configures an Active Directory link using Directories management during
the installation of vRealize Automation, a default tenant is created with the built-in system administrator
account to log in to the vRealize Automation console. The system administrator can then configure the
default tenant and create additional tenants.
The default tenant supports all of the functions described in Tenant Configuration. In the default tenant,
the system administrator can also manage system-wide configuration, including global system defaults for
branding and notifications, and monitor system logs.
User and Group Management
All user authentication is handled by Active Directory links that are configured through Directories
Management. Each tenant has one or more Active Directory links that provide authentication on a user or
group level.
The root system administrator performs the initial configuration of single sign-on and basic tenant creation
and setup, including designating at least one tenant administrator for each tenant. Thereafter, a tenant
administrator can configure Active Directory links and assign roles to users or groups as needed from
within their designated tenant.
Tenant administrators can also create custom groups within their own tenants and add users and groups
to those groups. Custom groups can be assigned roles or designated as the approvers in an approval
policy.
Tenant administrators can also create business groups within their tenants. A business group is a set of
users, often corresponding to a line of business, department or other organizational unit, that can be
associated with a set of catalog services and infrastructure resources. Users and custom groups can be
added to business groups.
Comparison of Single-Tenant and Multi-tenant Deployments
vRealize Automation supports deployments with either a single tenant or multiple tenants. The
configuration can vary depending on how many tenants are in your deployment. Many NSX and vSphere-
related blueprint selections are tenant-specific.
System-wide configuration is always performed in the default tenant and can apply to one or more
tenants. For example, system-wide configuration might specify defaults for branding and notification
providers.
Foundations and Concepts
VMware, Inc. 13