Minimum Required Permissions in vCenter

In some environments, it may be necessary to provide CloudBolt with a vCenter user account following the principle of least privilege. In those cases, the vSphere admin will need to provision an account for CloudBolt using a role with a specific set of privileges. 

Below is a listing of the minimum required privileges for CloudBolt to function in vCenter:

Datastore.AllocateSpace

Datastore.Browse

Datastore.Config

Datastore.DeleteFile

Datastore.FileManagement

Datastore.UpdateVirtualMachineFiles

Datastore.UpdateVirtualMachineMetadata

Folder.Create

Folder.Delete

Folder.Move

Folder.Rename

Network.Assign

Resource.ApplyRecommendation

Resource.AssignVMToPool

Resource.QueryVMotion

StoragePod.Config

System.Anonymous

System.Read

System.View

Task.Create

Task.Update

VApp.ApplicationConfig

VApp.AssignResourcePool

VApp.AssignVApp

VApp.AssignVM

VApp.Clone

VApp.Create

VApp.Delete

VApp.Export

VApp.ExtractOvfEnvironment

VApp.Import

VApp.InstanceConfig

VApp.ManagedByConfig

VApp.Move

VApp.PowerOff

VApp.PowerOn

VApp.Rename

VApp.ResourceConfig

VApp.Suspend

VApp.Unregister

VirtualMachine.Config.AddExistingDisk

VirtualMachine.Config.AddNewDisk

VirtualMachine.Config.AddRemoveDevice

VirtualMachine.Config.AdvancedConfig

VirtualMachine.Config.Annotation

VirtualMachine.Config.ChangeTracking

VirtualMachine.Config.CPUCount

VirtualMachine.Config.DiskExtend

VirtualMachine.Config.DiskLease

VirtualMachine.Config.EditDevice

VirtualMachine.Config.HostUSBDevice

VirtualMachine.Config.ManagedBy

VirtualMachine.Config.Memory

VirtualMachine.Config.MksControl

VirtualMachine.Config.QueryFTCompatibility

VirtualMachine.Config.QueryUnownedFiles

VirtualMachine.Config.RawDevice

VirtualMachine.Config.ReloadFromPath

VirtualMachine.Config.RemoveDisk

VirtualMachine.Config.Rename

VirtualMachine.Config.ResetGuestInfo

VirtualMachine.Config.Resource

VirtualMachine.Config.Settings

VirtualMachine.Config.SwapPlacement

VirtualMachine.Config.Unlock

VirtualMachine.Config.UpgradeVirtualHardware

VirtualMachine.GuestOperations.Execute

VirtualMachine.GuestOperations.Modify

VirtualMachine.GuestOperations.Query

VirtualMachine.Interact.DeviceConnection

VirtualMachine.Interact.PowerOff

VirtualMachine.Interact.PowerOn

VirtualMachine.Interact.Reset

VirtualMachine.Interact.ConsoleInteract

VirtualMachine.Interact.SetCDMedia

VirtualMachine.Interact.SetFloppyMedia

VirtualMachine.Inventory.Create

VirtualMachine.Inventory.CreateFromExisting

VirtualMachine.Inventory.Delete

VirtualMachine.Inventory.Move

VirtualMachine.Inventory.Register

VirtualMachine.Inventory.Unregister

VirtualMachine.Provisioning.Clone

VirtualMachine.Provisioning.CloneTemplate

VirtualMachine.Provisioning.CreateTemplateFromVM

VirtualMachine.Provisioning.Customize

VirtualMachine.Provisioning.DeployTemplate

VirtualMachine.Provisioning.DiskRandomAccess

VirtualMachine.Provisioning.DiskRandomRead

VirtualMachine.Provisioning.GetVmFiles

VirtualMachine.Provisioning.MarkAsTemplate

VirtualMachine.Provisioning.MarkAsVM

VirtualMachine.Provisioning.ModifyCustSpecs

VirtualMachine.Provisioning.PromoteDisks

VirtualMachine.Provisioning.PutVmFiles

VirtualMachine.Provisioning.ReadCustSpecs

VirtualMachine.State.CreateSnapshot

VirtualMachine.State.RemoveSnapshot

VirtualMachine.State.RenameSnapshot

VirtualMachine.State.RevertToSnapshot

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.