Skip to main content

How to enforce Day2 Action Policy in vRA 8.x

It's bit different when compared to vRA 7.x versions. If you do not have any Day 2 Action policies defined, then no governance is applied and all users have access to all the actions by default in vRA 8.x.Okay, let see this with an example

By default all the deployments/machines are entitled with all actions for all users in the organization


Once you a define Day 2 Action policy it goes into effect for specified users of vRA service broker and Cloud assembly. As a result, only the users for whom the first policy is true can run the selected actions. All others are excluded.

I have created a Day2 Action policy to change deployment lease and create snapshot of cloud machine for Administrator user in the entire organization(includes all projects in the organization).


As you can see below I logged in with an project administrator user and I am entitled with enforced Day2 action created and this will be applied for existing deployment as well.


When I logged as a project member user as below I am not entitled for any Day2 actions


Hope this gives an idea of how day2 action policy works in vRA 8.x.

Labels:

Comments

Post a Comment

Popular posts from this blog

Building My First AI Chatbot with Azure OpenAI Services

In April 2024, I embarked on an exciting journey into the world of artificial intelligence (AI), starting with learning Python. Coming from an infrastructure-focused background, diving into AI development felt like a monumental shift. Without prior coding experience, I realized that building AI tools or training models from scratch would require a long-term commitment. However, I was determined to take small, practical steps toward understanding this fascinating field. Exploring cloud AI services from providers like AWS and Azure led me to Azure OpenAI services. This platform showed me how AI could be leveraged to create applications— like chatbots—without deep coding expertise. I was especially intrigued by concepts such as indexing, semantic search, and retrieval-augmented generation (RAG). These tools enabled me to build my first business use case: a Microsoft Teams chatbot designed to resolve internal queries and reduce dependency on subject matter experts (SMEs). This blog is a s...
Post a Comment
Read more

Deleting stale kubernetes clusters in vCD

Unlike the previous version the CSE 4.x is a stateless appliance and its data is stored in VMware Cloud Director Database.  The cluster creation and deletion compared with CSE 3.x version has improved. Besides, there are some scenarios where the cluster deletion is failing even when the "Force Delete" option is chosen. We can use vCD API explorer to delete it, the following are the API queries you can execute  Under definedEntity POST /1.0.0/entities/{id}/resolve DELETE /1.0.0/entities/{id}
Post a Comment
Read more