VMware Cloud Director single sign-on with IBM Cloud IAM
You can use the VMware Cloud Director™ console to configure and manage the IBM Cloud® for VMware Cloud Foundation as a Service virtual data centers (VDCs). VMware® by Broadcom workloads are created, deployed, and managed in the VMware Cloud Director console.
Access the VMware Cloud Director console from the VMware Solutions console to complete the following tasks from the console.
- Virtual machine (VM) templates upload
- vApp and VM deployment and management
- Virtual network creation and management
- Edge configuration and putting VMs on the public and private networks
- User administration
Authentication and authorization to VMware Cloud Director defaults to using IBM Cloud Identity and Access Management (IAM). Users log in to VMware Cloud Director by using their IBM Cloud credentials. When logged in to the IBM Cloud account with the VMware Cloud Foundation (VCF) as a Service instance, single sign-on (SSO) is used to access VMware Cloud Director.
From the VMware Solutions console, click VMware console to access the VMware Cloud Director console.
Before you begin
Review roles and assign resource access for VCF as a Service instances. For more information, see Managing IAM access for VCF as a Service and Roles and permissions for VMware Cloud Director.
Responsibilities when you use IAM
Review the following information to understand your responsibilities and IBM® responsibilities for managing IAM.
IBM responsibilities
Review IBM responsibilities for managing IAM.
- Configure the IAM integration with the VMware Cloud Director console by using OpenID Connect (OIDC) for new deployments.
- In the VMware Cloud Director console, populate the initial roles and permissions that map to the IAM roles. For more information, see Roles and permissions for VMware Cloud Director.
Your responsibilities
Review your responsibilities for managing IAM.
- Maintain and manage the IBM Cloud IAM SSO integration with VMware Cloud Director.
- User roles and permissions are managed in IBM Cloud IAM.
- Remove or disconnect the IBM Cloud IAM integration with VMware Cloud Director if you want local authentication (auth-n) and authorization (auth-z) through VMware Cloud Director.
- Users are added to VMware Cloud Director and managed directly in VMware Cloud Director with roles and permissions.