VMware vCenter Roles and Permissions
- 26 Oct 2022
- DarkLight
VMware vCenter Roles and Permissions
- Updated on 26 Oct 2022
- DarkLight
Article Summary
Share feedback
Thanks for sharing your feedback!
Introduction
In order for the Cohesity platform to protect Virtual Machines hosted within VMware a privileged account is leveraged. This account is utilized by various processes to create snapshots, create VMs, and a number of different operations for backup and restore functionality. Without an account with the proper permissions, the Cohesity system will not be able to perform any backups against a VMware source or may encounter intermittent hard-to-track errors if the permissions only slightly differ.
The following table is accurate as of the permissions required for Cohesity version 6.6.0d:
| Privilege Level | Permissions |
| Cryptographic operations | Add Disk |
| Direct Access | |
| Datastore | Allocate space |
| Move datastore | |
| Browse datastore | |
| Remove file | |
| Low-level file operations | |
| Configure datastore | |
| Folder | Create folder |
| Delete folder | |
| Global | EnableMethods |
| DisableMethods | |
| Log event | |
| Licenses | |
| Manage custom attributes | |
| Set custom attribute | |
| Host - Configuration | Storage partition configuration |
| Maintenance | |
| Query patch | |
| Network | Assign network |
| Resource | Assign a virtual machine to a resource pool |
| Migrate powered-off virtual machine | |
| Migrate powered on virtual machine | |
| Session | View and stop sessions |
| vApp | Add virtual machine |
| Assign resource pool | |
| Unregister | |
| VM - Configuration | Acquire disk lease |
| Add existing disk | |
| Add new disk | |
| Add or remove a device | |
| Advanced configuration | |
| Change Settings | |
| Change Swapfile placement | |
| Configure Raw device | |
| Remove disk | |
| Toggle disk change tracking | |
| Rename | |
| VM - Guest Operations | Guest operation modifications |
| Guest operation program execution | |
| Guest operation queries | |
| VM - Edit Inventory | Create new |
| Register | |
| Remove | |
| Unregister | |
| VM - Interaction | Guest operating system management by VIX API |
| Power on | |
| Power off | |
| VM - Provisioning | Allow disk access |
| Allow read-only disk access | |
| Allow virtual machine download | |
| VM - Snapshot management | Create snapshot |
| Remove snapshot | |
| Revert snapshot | |
| VM storage policies | Update |
| View | |
| vSphere Tagging | Assign or unassign tag |
Was this article helpful?