New vCloud Air Security Roles • Chris Colotti's Blog

New vCloud Air Security Roles

vCloud Air

Since the launch of vCloud Air, one of the things myself and others have been asking for especially on dedicated clouds is the ability to control access to the various Virtual Data Center objects within a single subscription.  As of today there is now the ability to do so!

NOTE:  These capabilities do not appear to be in the vCloud Air OnDemand Beta environment.  This is all available in the current vCloud Air production subscription offerings.

Starting with adding a new user you can see a few new fields.


The new breakdown allows separate control of the Infrastructure, Accounts, and network administration levels.  You will also notice the note about “assigned vDC’s, which now means you can per vDC assign or remove a user’s access to that object.  Just because you make a user a VI administrator does not mean now they have access to all vDC’s in your cloud.  You can then change that at the virtual data center level on the Users Tab.edit_vdc_new

You can see from the image above you can check boxes for access to this vDC.  What you can also notice is by default the Account Administrator role has access to all vDC’s.  So for that role you want a few folks but not everyone in your cloud.

If you have been waiting for vCloud Air to support more granular role based access so you can broker out dedicated cloud resources….well now you have it!  This is a great addition I know personally a few partners and customers alike have been waiting for.  If you have not logged into check it out, you should do so today.

Check Also

Could Have, Should Have, Would Have….

Some days you wake up and wonder ‘What If..?”  For whatever reason today was that …

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: