DR and Migration Information Security and Access
Identity Management Design
Each VMware Cloud Director Availability appliance has just a single system administrator user (root). Its password is configured during the appliance deployment and must be changed during the initial setup wizard or at the first login to this appliance.
Additionally, a VMware Cloud Director service account with system administrator privileges needs to be created for the VMware Cloud Director Availability registration to the VMware Cloud Director instance. As an alternative, an existing system administrator account (administrator, root, etc.) can be used.
As part of this registration process, the Setup DRaaS and Migration and Availability plug-in is installed in VMware Cloud Director.
Certificate Management Design
Replace the default self-signed certificate of the Cloud service of VMware Cloud Director Availability Replication Management with a CA-signed certificate to provide secure access and communication for VMware Cloud Director Availability.
Because the rest of the appliances are not publicly exposed, they do not need a CA-signed certificate. They can operate with their initial self-signed certificates until those expire, or with newly generated self-signed certificates.
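One way to check an appliance certificate against this policy, as an added example that is not VMware tooling. It assumes the `openssl` CLI and a certificate already exported to a PEM file; the role names `public` and `internal`, the 30-day renewal window, and the sample certificate are constructed for illustration.

```shell
#!/bin/sh
# Added example: check a PEM certificate against the policy described above.
# The role names "public" and "internal" and the 30-day window are assumptions.
WARN_SECONDS=$((30 * 24 * 3600))

# cert_field subject|issuer FILE: print that DN in RFC 2253 form.
cert_field() {
    openssl x509 -in "$2" -noout "-$1" -nameopt RFC2253 | sed "s/^$1= *//"
}

# Issuer equal to subject is the usual marker of a self-signed certificate.
is_self_signed() {
    [ "$(cert_field subject "$1")" = "$(cert_field issuer "$1")" ]
}

# audit_cert ROLE FILE: print a one-word verdict for the certificate.
audit_cert() {
    role=$1; pem=$2
    if ! openssl x509 -in "$pem" -noout >/dev/null 2>&1; then
        echo UNREADABLE
    elif ! openssl x509 -in "$pem" -noout -checkend 0 >/dev/null 2>&1; then
        echo EXPIRED
    elif [ "$role" = public ] && is_self_signed "$pem"; then
        echo SELF_SIGNED_ON_PUBLIC   # the public Cloud service needs a CA-signed cert
    elif ! openssl x509 -in "$pem" -noout -checkend "$WARN_SECONDS" >/dev/null 2>&1; then
        echo EXPIRING_SOON           # plan the replacement before it lapses
    else
        echo OK
    fi
}

# Constructed sample input: a throwaway self-signed certificate valid for $2 days.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=sample.example.test" \
        -days "$2" -keyout "$1.key" -out "$1" >/dev/null 2>&1
}

demo_dir=$(mktemp -d)
make_sample_cert "$demo_dir/appliance.pem" 365
echo "internal: $(audit_cert internal "$demo_dir/appliance.pem")"
echo "public:   $(audit_cert public "$demo_dir/appliance.pem")"
```

The same self-signed certificate passes as `internal` and is flagged as `public`, which matches the split this section draws between the exposed Cloud service and the other appliances.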