3.7. Data Centers and Permissions
3.7.1. Managing System Permissions for a Data Center
The system administrator, as the SuperUser, manages all aspects of the Administration Portal. More specific administrative roles can be assigned to other users. These restricted administrator roles are useful for empowering a user with certain administrative privileges that limit them to a specific resource: a DataCenterAdmin role has administrator privileges only for the assigned data center, a ClusterAdmin has administrator privileges only for the assigned cluster, a StorageAdmin has administrator privileges only for the assigned storage domain, and so forth.
A data center administrator is a system administration role for a specific data center only. This is useful in virtualized environments with multiple data center, where each data center requires a system administrator. The DataCenterAdmin role is a hierarchical model: a user assigned the data center administrator role for a data center can manage all objects in the data center. Use the button in the header bar to assign a data center administrator for all data centers in the environment.
The data center administrator role permits the following actions:
- Create and remove clusters associated with the data center;
- Add and remove hosts, virtual machines, and pools associated with the data center; and
- Edit user permissions for virtual machines associated with the data center.
Note
You can only assign roles and permissions to existing users.
You can change the system administrator of a data center by removing the existing system administrator and adding the new system administrator.