Documentation Index

Fetch the complete documentation index at: https://kb.expedient.com/llms.txt

Use this file to discover all available pages before exploring further.

VMware vCenter Roles and Permissions

  • Updated on Apr 10, 2025
  • Published on Oct 26, 2022
Prev Next

Introduction

In order for the Cohesity platform to protect Virtual Machines hosted within VMware a privileged account is leveraged. This account is utilized by various processes to create snapshots, create VMs, and a number of different operations for backup and restore functionality. Without an account with the proper permissions, the Cohesity system will not be able to perform any backups against a VMware source or may encounter intermittent hard-to-track errors if the permissions only slightly differ.


The following table is accurate as of the permissions required for Cohesity version 6.6.0d:

Privilege Level

Permissions

Cryptographic operations

Add Disk

Direct Access

Datastore

Allocate space

Move datastore

Browse datastore

Remove file

Low-level file operations

Configure datastore

Folder

Create folder

Delete folder

Global

EnableMethods

DisableMethods

Log event

Licenses

Manage custom attributes

Set custom attribute

Host - Configuration

Storage partition configuration

Maintenance

Query patch

Network

Assign network

Resource

Assign a virtual machine to a resource pool

Migrate powered-off virtual machine

Migrate powered on virtual machine

Session

View and stop sessions

vApp

Add virtual machine

Assign resource pool

Unregister

VM - Configuration

Acquire disk lease

Add existing disk

Add new disk

Add or remove a device

Advanced configuration

Change Settings

Change Swapfile placement

Configure Raw device

Remove disk

Toggle disk change tracking

Rename

VM - Guest Operations

Guest operation modifications

Guest operation program execution

Guest operation queries

VM - Edit Inventory

Create new

Register

Remove

Unregister

VM - Interaction

Guest operating system management by VIX API

Power on

Power off

VM - Provisioning

Allow disk access

Allow read-only disk access

Allow virtual machine download

VM - Snapshot management

Create snapshot

Remove snapshot

Revert snapshot

VM storage policies

Update

View

vSphere Tagging

Assign or unassign tag