4.3. Clusters and Permissions
4.3.1. Managing System Permissions for a Cluster
The system administrator, as the SuperUser, manages all aspects of the Administration Portal. More specific administrative roles can be assigned to other users. These restricted administrator roles are useful for empowering a user with certain administrative privileges that limit them to a specific resource: a DataCenterAdmin role has administrator privileges only for the assigned data center, a ClusterAdmin has administrator privileges only for the assigned cluster, and so forth.
A cluster administrator is a system administration role for a specific data center only. This is useful in data centers with multiple clusters, where each cluster requires a system administrator. The ClusterAdmin role is a hierarchical model: a user assigned the cluster administrator role for a cluster can manage all objects in the cluster. Use the button in the header bar to assign a cluster administrator for all clusters in the environment.
The cluster administrator role permits the following actions:
- Create and remove associated clusters;
- Add and remove hosts, virtual machines, and pools associated with the cluster; and
- Edit user permissions for virtual machines associated with the cluster.
Note
You can only assign roles and permissions to existing users.
You can also change the system administrator of a cluster by removing the existing system administrator and adding the new system administrator.