Configuring Multi-Organization Tenancy in vRealize Automation 8.x


vRealize Automation vRA Multi-Tenancy

Published on 2 May 2020 by Christopher Lewis. Words: 421. Reading Time: 2 mins.

Introduction

In this series of posts, we will be taking a look at how to configure a Multi-Organization Tenancy (aka Multi-Tenancy) in vRealize Automation (vRA) 8.x.

Scenario/Background

For this series, we will assume that vRealize Automation 8.x has been deployed and is working. What we need to do is create three new Organizations/Tenants, one for MedTech, one for FinTech and one for SciTech. We will lay the ground work for all three tenants, but will only work through the creation of the first tenant MedTech. Once you have the first tenant, creating the second and third tenant should be easy.

High Level Task Overview

The High Level task list for configuring Multi-Organization Tenancy in vRealize Automation 8.x are:

  1. Create DNS (A and CNAME) Records. ( Part 1 ).
  2. Generate the SSL Certificates ( Part 2 ).
  3. Upload the SSL Certificates into vRSLCM ( Part 3 ).
  4. Apply the WOA Multi-Organization Tenancy Certificate ( Part 3 ).
  5. Enable Multi-Organization Tenancy. ( Part 3 )
  6. Apply the vRA Multi-Organization Tenancy Certificate ( Part 4 ).
  7. Create a new Organization/Tenant. ( Part 4 )
  8. Managing User Directories (Active Directory) for a Tenant ( Part 5 ).
  9. Assigning new Tenant Admins to a Tenant ( Part 6 .)
  10. Understanding Multi-Tenancy in vRealize Orchestrator ( Part 7 ).
  11. Integrating the Embedded vRealize Orchestrator ( Part 8 ).

Assumptions

In this series of blogs, I will assume you have deployed vRA 8.x in a Standard Deployment configuration (i.e. one vRSLCM 8.x Appliance, one Identity Manager 3.3.2 Appliance and one vRA 8.x Appliance). The only real difference in the configuration when using a vRA 8.x Clustered Deployment configuration is a slight change to the number of (and values inside) the Subject Alternate Name (SAN) certificates that need to be generated to support the configuration and (if you have chosen to use SSL termination on the load balancer) where you apply the certificates.

As you work through the different posts in the series, it should become quickly clear that I cover the DNS differences in Part 1 and the SSL Certificate differences in Part 2 . As I am following the VMware Validated Design 6.0 guidance on implementation I have assumed anyone using a Load Balancer is configured for SSL pass-through for both Workspace ONE Access and vRealize Automation.

Official Docs / Blogs

The following is a list of official documentation sources and blog articles:

Published on 2 May 2020 by Christopher Lewis. Words: 421. Reading Time: 2 mins.