Site icon Default Reasoning

Dashboard access based on group membership in vROps

The dashboard access based on group membership is a feature often requested by a lot of customers. Usually, a division or department in an organization wants to have some insight in workloads they are running on the vSphere infrastructure. On the other hand, the IT department wants to provide access for those users to see the resource consumption for their particular department.

Create custom role

Before you import a custom group from AD to vROps, you need to create a custom role that will only display the necessary dashboards.

  1. Log in to vROps as Admin user and go from the Home page to Administration -> Access Control and select the Roles.
  2. Add a new role by clicking the green plus button.
  3. Enter a name and a description for the new role and click OK to create it.
  4. Next, select the group in the list and click the pencil icon at the right-bottom to edit the permissions for this role.
  5. Select the following permissions only:
    1. Administration – Login Interactively
    2. Content – View Management – Render
    3. Environment – Inventory trees – Container Adapter 
    4. Environment – View Dashboard Home Page 
  6. Click Update to save the settings.

Import group from AD

  1. Switch to the User Groups.
  2. Click the Import Group icon (not the green plus icon). Make sure the correct source is selected in the Import From field, enter the name of an AD group and click Search.
  3. Select the appropriate group and click Next
  4. From the drop-down menu, select the custom role created earlier. Check the Assign this role to the group checkbox and under Select Objects, select the vCenter Server. 
  5. Click Finish.

Assign dashboard

  1. Next, switch to Content and select Dashboards. Click the gear icon and select Share Dashboards.
  2. From the right pane, click and hold a dashboard and move it to the custom group created earlier. Dashboards Assigned value should now change from 0 to 1 and you should see a green rectangle at the top-left of the cell. 
  3. Click Save.

Test access

  1. Log in as a member of the AD group to vROps user UI interface and verify that only the selected dashboard is displayed. 

That’s it! You can of course extend this with additional dashboards and views.

Cheers!

– Marek.Z

Exit mobile version