Course Content
VMware vSphere: Install, Configure, Manage Content
0/1
Course Introduction
Introduction to vSphere and the Software Defined Data Center
As a vSphere administrator, you must be familiar with the components on which vSphere is based. You must also understand the following concepts: Virtualization, the role of the ESXi hypervisor in virtualization and virtual machines Fundamental vSphere components and the use of vSphere in the software-defined data center Use of vSphere clients to administer and manage vSphere environments
0/4
Overview of vSphere and Virtual Machines
vSphere Virtualization of Resources
vSphere User Interfaces
Overview of ESXi
Virtual Machines
You can create a virtual machine in several ways. Choosing the correct method can save you time and make the deployment process manageable and scalable.
0/3
Creating Virtual Machines
Virtual Machine Hardware Deep Dive
Introduction to Containers
vCenter Server
vCenter Server helps you centrally manage multiple ESXi hosts and their virtual machines. If you do not properly deploy, configure, and manage vCenter Server Appliance, your environment might experience reduced administrative efficiency or ESXi host and virtual machine downtime.
0/8
Centralized Management with vCenter Server
Deploying vCenter Server Appliance
vSphere Licensing
Managing the vCenter Server Inventory
vCenter Server Roles and Permissions
Monitoring vCenter Server Appliance
Backing Up and Restoring vCenter Server Appliance
vCenter Server High Availability
Configuring and Managing Virtual Networks
When you configure ESXi networking properly, virtual machines can communicate with other virtual, and physical, machines. In this way, remote host management and IP-based storage operate effectively.
0/2
Introduction to vSphere Standard Switches
Configuring Standard Switch Policies
Configuring and Managing Virtual Storage
Understanding the available storage options helps you set up your storage according to your cost, performance, and manageability requirements. You can use shared storage for disaster recovery, high availability, and moving virtual machines between hosts.
0/6
vSphere Storage Concepts
Fibre Channel Storage
iSCSI Storage
VMFS Datastores
NFS Datastores
vSAN Datastores
Virtual Machine Management
Virtual machines are the foundation of your virtual infrastructure. Managing VMs effectively requires skills in creating templates and clones, modifying VMs, migrating VMs, taking snapshots, and protecting the VMs through replication and backups.
0/8
Creating Templates and Clones
Working with Content Libraries
Modifying Virtual Machines
Migrating VMs with vSphere vMotion
Enhanced vMotion Compatibility
Migrating VMs with vSphere Storage vMotion
Creating Virtual Machine Snapshots
vSphere Replication and Backup
Resource Management and Monitoring
Although the VMkernel works proactively to avoid resource contention, maximizing performance requires both analysis and ongoing monitoring. Developing skills in resource management, you can dynamically reallocate resources so that you can use available capacity more efficiently.
0/5
Virtual CPU and Memory Concepts
vSphere Resource Controls
vSphere Resource Monitoring Tools
Monitoring Resource Use in vSphere
Using Alarms in vSphere
vSphere Clusters
Most organizations rely on computer-based services like email, databases, and web-based applications. The failure of any of these services can mean lost productivity and revenue. By understanding and using vSphere HA, you can configure highly available, computer-based services, which are important for an organization to remain competitive in contemporary business environments. And by developing skills in using vSphere DRS, you can improve service levels by guaranteeing appropriate resources to virtual machines.
0/6
vSphere Clusters Overview
vSphere DRS
Introduction to vSphere HA
vSphere HA Architecture
Configuring vSphere HA
Introduction to vSphere Fault Tolerance
vSphere Lifecycle Management
Managing the life cycle of vSphere involves keeping vCenter Server and ESXi hosts up to date and integrated with other VMware and third-party solutions. To achieve these goals, you must understand how to use the new features provided by vSphere Lifecycle Manager, namely, clusterlevel management of ESXi hosts and the vCenter Server Update Planner.
0/5
vCenter Server Update Planner
Overview of vSphere Lifecycle Manager
Working with Baselines
Working with Images
Managing the Life Cycle of VMware Tools and VM Hardware
VMware vSphere: Install, Configure, Manage
About Lesson

vCenter Server Roles and Permissions

Learner Objectives

After completing this lesson, you should be able to meet the following objectives:

  • Define the term permission in the context of vCenter Server
  • Describe the rules for applying permissions
  • Create a custom role
  • Create a permission

About vCenter Server Permissions

 

Using the access control system, the vCenter Server administrator can define user privileges to access objects in the inventory. The following concepts are important:

  • Privilege: An action that can be performed
  • Object: The target of the action
  • User or group: Indication of who can perform the action
  • Role: A set of privileges
  • Permission: Gives one user or group a role (set of privileges) for the selected object

About Roles

 

Privileges are grouped into roles:

  • A privilege allows access to a specific task and is grouped with other privileges related to it.
  • Roles allow users to perform tasks.

vCenter Server provides a few system roles, which you cannot modify.

About Objects

  • Objects are entities on which actions are performed. Objects include data centers, folders, clusters, hosts, datastores, networks, and virtual machines.
  • All objects have a Permissions tab. The Permissions tab shows which user or group and role are associated with the selected object.

Adding Permissions to the vCenter Server Inventory

 

To add a permission:

  1. Select an object.
  2. Select a user or group from a domain.
  3. Select a role.
  4. Propagate the permission to the child objects.

Viewing Roles and User Assignments

The Roles pane shows which users are assigned the selected role on a particular object.

 

Applying Permissions: Scenario 1

A permission can propagate down the object hierarchy to all subobjects, or it can apply only to an immediate object.

 

Applying Permissions: Scenario 2

When a user is a member of multiple groups with permissions on the same object, the user is assigned the union of privileges assigned to the groups for that object.

 

Activity: Applying Group Permissions (1)

If Group1 has the Administrator role and Group2 has the No Access role, what permissions does Greg have?

 

Activity: Applying Group Permissions (2)

  • Greg has Administrator privileges.
  • Greg is assigned the union of privileges assigned to Group1 and Group2.

Applying Permissions: Scenario 3

 

  • A user can be a member of multiple groups with permissions on different objects. In this case, the same permissions apply for each object on which the group has permissions, as though the permissions were granted directly to the user.

Applying Permissions: Scenario 4

 

  • A user (or group) is given only one role for any given object.
  • Permissions defined explicitly for the user on an object take precedence over all group permissions on that same object.

Creating a Role

 

 

  • Create roles for only necessary tasks.
  • For example, you can create a Virtual Beans VM Provisioning role that allows a user to deploy VMs from a template.
  • Use folders to contain the scope of permissions. For instance, assign the Virtual Beans VM Provisioning role to user nancy@vmbeans.com and apply it to the Production VMs folder.

About Global Permissions

Global permissions support assigning privileges across solutions from a global root object:

  • Span solutions such as vCenter Server and vRealize Orchestrator
  • Give a user or group privileges for all objects in all object hierarchies

Review of Learner Objectives

After completing this vCenter Server Roles and Permissions lesson, you should be able to meet the following objectives:

  • Define the term permission in the context of vCenter Server
  • Describe the rules for applying permissions
  • Create a custom role
  • Create a permission
Join the conversation
Previous
Next