Setting Up Role-based Access Control
You can define permissions within Zerto Cloud Manager and via VMware vCenter Server.
■ Zerto Cloud Manager: Within Zerto Cloud Manager you can apply permissions to specific Zerto entities such as ZORGs, VPGs, and sites.
■ Permissions determine the roles that apply to a specific user or user group on a specific Zerto entity.
■ Roles are a set of privileges, and privileges define an operation or a set of operations that can be performed, such as managing a VPG or VRA.
■ Roles can be assigned to users and groups of users.
■ You can manage roles and update the privileges associated with both new roles that you create and the roles supplied with Zerto.
■ You can then manage the permissions per Zerto entity.
For details, see the Zerto Cloud Manager Administration Guide.
■ VMware vCenter Server: VMware roles and permissions are the core of VMware infrastructure security.
■ Permissions are a combination of a user/group and a security role that is applied to some level of the VMware Infrastructure.
■ Zerto supplies a number of default privileges that enable a VMware administrator to perform specific actions.
■ You can define additional roles and assign these roles the privileges they need.
■ All privileges are implemented at the root level, and thus apply to every object in the vCenter Server.
Note: When upgrading vCenter Server be sure that the user entity that Zerto is using is preserved in the user/permissions hierarchy.