90% of the time, VMware has updates that really bring value and give something to look forward to. The upgrade from vRO 7.5 to 7.6 however, does not. vRO has 3 roles, and the consumer role access in the bottom, is the one that gives user Read only rights. Unfortunately, after the upgrade this role is removed.
Which results in the following roles:
After this update, there are only 2 roles in the vRO client. While the workflow designer has more fine-grained roles than the Tenant Admin role that was before, only read options is not the option. Which can be a serious problem for organisations that for instance, needs to be PCI-Compliant. Unfortunately, this is what it is, and it is even not solved in version 8.2 of vRO. It seems that you now need to manage the roles with vRA, but I haven’t completely confirmed if it is also possible to use only the read roles on the vRO client.
A simple and quick workaround for this problem, is forwarding the vRO logs to vRLI and give users read permissions on the vRLI environment. Log Insight doesn’t give that easy to view dashboard of vRO itself, but it does contain the same information with the logs if you use the right queries. Which can be a quick and temporarily solution for your users that only need read permissions to check if the workflow is running properly for troubleshooting.
To achieve that, I wrote a separate blogpost about it here.
Thanks for reading.
Samir is the author of vSAM.Pro & a Life enthusiast who works as a consultant in the field of IT. With a great passion for Tech & Personal Development, he loves to help people with their problems, but also inspire them with a positive outlook on life.
Besides that, he is also a big Sport & Music junky that loves to spend a big chunk of his time on producing music or physically stretching himself.
