Understanding the user details view for authorized resources
When viewing details for system users, you can see counters for various cloud resources that the user is authorized to access based on which access rights have been granted to the user.
- Cloud groups
- IP groups
- Virtual machines
- Virtual appliances
Depending on which role the user has been granted, not all cloud resources are visible on the user interface.
Granting or revoking resource access rights on the console requires the authorization roles of Security administration with Manage security (Full permission) and Allow delegation when Full permission is selected.
The
page lists the resources a selected user is authorized to view. In 2.3.3.3 or later, navigate to .The resources shown for each user depend on the authorization roles of the user logged into the console. To view other users' resources and associated details, you must have both the View all cloud resources (Read-only) and View all security resources (Read-only) roles. Being assigned the View users/groups (Read-only) role by itself is not sufficient to view other users' resources and details.
The workload resources shown are only those visible from the console, therefore virtual systems and virtual applications are not included.
Authorized users can add new users and grant them access to the virtual system instance. However, new users will not have access to manage the individual virtual machines associated with the virtual system instance even if they are granted all access to the virtual system. Users must be explicitly granted access to individual virtual machines by the owner or other authorized resource manager who is granted the Manage workload resources (Full permission) role.
Authorization roles | Resource views | |
---|---|---|
Security administration > | Workload administration > | |
View users/groups (Read-only) | Any | None (shows 0 in total on panel) |
View all security resources (Read-only) | Not set | Can list owned + authorized but cannot see virtual machine details |
View all security resources (Read-only) | View all cloud resources (Read-only) | Can list owned + authorized |