Navneet Verma papivot

VC+DC combo	Cloud	Cluster	Service Engine Group	VIP Network	Supported	Solution
1	Use Default Cloud	Single	Use Default-Group	Single	Yes	TKO Standard
1	Use Default Cloud	Multiple	Use Custom Groups (1 per cluster) mapped to Default Cloud	Single (shared across clusters)	Yes	TKO Enterprise
1	Use Default Cloud	Multiple	Use Custom Groups (1 per cluster) mapped to Default Cloud	Multiple (shared or unique per cluster)	Yes	TKO Enterprise
Multiple	Use Custom Cloud per VC+DC	Multiple	Use Custom Groups (1 per cluster) mapping to appropriate clouds	Multiple (unique per cluster)	No(TBD/WIP)	TKO Enterprise

Source IP Address	Destination IP Address	Port Display	Protocol	Optional/Mandatory	Use

Client	Service Installer VM	22	TCP		SSH
Client	NSX ALB VIP Network IP Range	443	TCP		HTTPS Workload
Client	NSX ALB VIP Network IP Range	6443	TCP		Cluster access
Client	Supervisor Management IP Range	22	TCP	(Optional)	Troubleshooting
Client	Workload Cluster IP Range	22	TCP	(Optional)	Troubleshooting
Client	Workload Cluster IP Range	30000-32767	TCP	(Optional)	If Nodeport Support is required
Client	NSX ALB VIP Network IP Range	80	TCP	(Optional)	HTTP Workload

	clusterrolebindings	clusterrole
	vmware-system-auth-sync-wcp:demo1:group:vsphere.local:administrators	cluster-admin
	vmware-system-auth-sync-wcp:demo1:user:vsphere.local:user2	cluster-admin
	vmware-system-auth-sync-wcp:demo1:user:vsphere.local:user3	cluster-admin

NAME	CREATE	GET	LIST	WATCH	UPDATE	PATCH	DELETE	DELETECOLLECTION
namespaces	x	x	x	x	x	x	yes	n/a
tanzukubernetesaddons.run.tanzu.vmware.com	x	yes	yes	yes	x	x	x	x
tanzukubernetesreleases.run.tanzu.vmware.com	x	yes	yes	yes	x	x	x	x
tkgserviceconfigurations.run.tanzu.vmware.com	x	yes	yes	yes	x	x	x	x
virtualmachineclasses.vmoperator.vmware.com	x	yes	yes	yes	x	x	x	x
virtualmachineimages.vmoperator.vmware.com	x	yes	yes	yes	x	x	x	x

NAME	CREATE	GET	LIST	WATCH	UPDATE	PATCH	DELETE	DELETECOLLECTION
certificaterequests.cert-manager.io	x	yes	yes	yes	x	x	x	x
certificates.cert-manager.io	x	yes	yes	yes	x	x	x	x
clusters.cluster.x-k8s.io	x	yes	yes	yes	x	x	x	x
configmaps	x	yes	yes	yes	x	x	x	x
contentsourcebindings.vmoperator.vmware.com	x	yes	yes	yes	x	x	x	x
controllerrevisions.apps	x	yes	yes	yes	x	x	x	x
cronjobs.batch	x	yes	yes	yes	x	x	x	x
daemonsets.apps	x	yes	yes	yes	x	x	x	x
deployments.apps	x	yes	yes	yes	x	x	x	x

NAME	CREATE	GET	LIST	WATCH	UPDATE	PATCH	DELETE	DELETECOLLECTION
agentinstalls.installers.tmc.cloud.vmware.com	yes	yes	yes	yes	yes	yes	yes	yes
certificaterequests.cert-manager.io	yes	yes	yes	yes	yes	yes	yes	yes
certificates.cert-manager.io	yes	yes	yes	yes	yes	yes	yes	yes
clusters.cluster.x-k8s.io	x	yes	yes	yes	x	x	x	x
cnsxdevmattachments.cns.vmware.com	x	yes	yes	yes	x	x	x	x
configmaps	yes	yes	yes	yes	yes	yes	yes	yes
contentsourcebindings.vmoperator.vmware.com	x	yes	yes	yes	x	x	x	x
controllerrevisions.apps	x	yes	yes	yes	x	x	x	x
cronjobs.batch	yes	yes	yes	yes	yes	yes	yes	yes

	clusterrolebinding	clusterrole
	wcp:user:vsphere.local:user3:namespace-delete	ClusterRole/vmware-system-nsop-namespace-delete-cluster-role

	rolebinding	role
	wcp:demo1:user:vsphere.local:user1	ClusterRole/view
	wcp:demo1:user:vsphere.local:user2	ClusterRole/edit
	wcp:demo1:user:vsphere.local:user3	ClusterRole/edit
	wcp:demo1:group:vsphere.local:administrators	ClusterRole/edit

NAME	CREATE	GET	LIST	WATCH	UPDATE	PATCH	DELETE	DELETECOLLECTION
agentinstalls.installers.tmc.cloud.vmware.com	yes	yes	yes	yes	yes	yes	yes	yes
certificaterequests.cert-manager.io	x	yes	yes	yes	x	x	x	x
certificates.cert-manager.io	x	yes	yes	yes	x	x	x	x
clusters.cluster.x-k8s.io	x	yes	yes	yes	x	x	x	x
cnsnodevmattachments.cns.vmware.com	x	yes	yes	yes	x	x	x	x
configmaps	x	yes	yes	yes	x	x	x	x
contentlibraryproviders.vmoperator.vmware.com	x	yes	yes	yes	x	x	x	x
contentsourcebindings.vmoperator.vmware.com	x	yes	yes	yes	x	x	x	x
contentsources.vmoperator.vmware.com	x	yes	yes	yes	x	x	x	x

namespace	rolebinding	role
kube-system	vmware-image-fetcher-ca-bundle-edit-role-binding	vmware-image-fetcher-ca-bundle-edit
svc-tmc-c8	wcp:administrator:tmc-extension-config-role	vi-admin-tmc-extension-config-role