Introduction
NSX is accessed from a vSphere web client through the NSX Networking & Security
plugin. The vSphere web client itself is predominantly accessed by the server virtualization operations team, but after the initial deployment of NSX, the network and security operations will also need to access the vSphere web client to access NSX. It is common for organizations to have a dedicated team for networking and security and such organizations would require a secure method for restricting account access to authorized users.
NSX supports role-based access control (RBAC) and there are four available roles:
- Enterprise Administrator (
enterprise_admin
 in REST API): Full access role with read and write REST API calls (HTTP GET
,POST
,UPDATE
,DELETE
) - Security Administrator (
security_admin
in REST API): Security-only access role with read-only access REST API calls (HTTP GET
) - NSX Administrator (
vshield_admin
in REST API): NSX-only access role outside of security features with read-only access REST...