Discover the optimal steps for assigning a custom role to provide selective access to inventory objects in VMware vSphere 8.x, meeting specific requirements for management and workload clusters.
Table of Contents
Question
An administrator is tasked with providing users access to objects within an existing VMware vCenter instance. The vCenter inventory has a single data center with one management vSphere cluster and five workload vSphere clusters.
The following requirements must be met for assigning the users access:
- Users must only be able to view all of the inventory objects associated with the management vSphere cluster.
- Users must be able to edit all of the inventory objects associated with the workload vSphere clusters.
- The administrator creates a custom role to provide the permissions needed to allow users to edit inventory objects.
Which series of steps should the administrator complete to assign the custom role and provide the required level of access to users?
A. Apply Global permissions to assign the Read Only role to the root vCenter object. Apply vCenter permissions to assign the custom role to the workload vSphere clusters and enable propagation.
B. Apply Global permissions to assign the Read Only role to the root vCenter object and enable propagation. Apply vCenter permissions to assign the custom role to the workload vSphere clusters and enable propagation.
C. Apply Global permissions to assign the Read Only role to the root vCenter object. Apply vCenter permissions to assign the custom role to the workload vSphere clusters.
D. Apply Global permissions to assign the Read Only role to the root vCenter object and enable propagation. Apply vCenter permissions to assign the custom role to the workload vSphere clusters.
Answer
A. Apply Global permissions to assign the Read Only role to the root vCenter object. Apply vCenter permissions to assign the custom role to the workload vSphere clusters and enable propagation.
Explanation
The correct answer is: A. Apply Global permissions to assign the Read Only role to the root vCenter object. Apply vCenter permissions to assign the custom role to the workload vSphere clusters and enable propagation.
To meet the given requirements, the administrator needs to follow these steps:
- Apply Global permissions to assign the Read Only role to the root vCenter object. This will grant read-only access to the entire vCenter inventory, including the management vSphere cluster, as per the first requirement.
- Apply vCenter permissions to assign the custom role (with edit permissions) to the workload vSphere clusters. This custom role should have the necessary permissions to edit inventory objects.
- Enable propagation for the custom role assignment on the workload vSphere clusters. This will ensure that the edit permissions granted by the custom role are propagated down to all child objects within the workload clusters, meeting the second requirement.
By following this approach, users will have read-only access to the management vSphere cluster (through the Global permissions on the root vCenter object) and edit access to all inventory objects within the workload vSphere clusters (through the custom role assignment with propagation).
The other options are incorrect because:
Option B is incorrect as it enables propagation for the Read Only role assignment on the root vCenter object, which would grant read-only access to the entire inventory, including the workload clusters, violating the second requirement.
Option C is incorrect as it does not enable propagation for the custom role assignment on the workload clusters, meaning the edit permissions would not be propagated to child objects within those clusters.
Option D is incorrect as it enables propagation for the Read Only role assignment on the root vCenter object, which would grant read-only access to the entire inventory, including the workload clusters, violating the second requirement.
VMware vSphere 8.x Professional 2V0-21.23 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the VMware vSphere 8.x Professional 2V0-21.23 exam and earn VMware vSphere 8.x Professional 2V0-21.23 certification.