Once Agent for VMware is deployed to a vCenter's host or cluster, any user of the vCenter Server can connect a management console to the agent. The scope of available operations depends on the privileges a user has on the vCenter Server. Only those actions are available that the user has permission to perform. The below tables contain the privileges required for backup and recovery of ESX virtual machines and, additionally, for virtual appliance deployment.
If the agent was deployed directly to an ESX(i) host or manually imported to the host, and you want the vCenter users to be able to connect to the agent and the below privileges to take effect, connect the agent to the vCenter Server rather than to the ESX(i) host. To change the connection, access the virtual appliance GUI using the vSphere Client and specify access credentials for the vCenter Server in the ESX(i)/vCenter setting.
Privileges on vCenter Server or ESX(i) host
Outlined in the below table are the privileges a vCenter Server user must have to perform operations on all the vCenter hosts and clusters.
To enable a user to operate on a specific ESX host only, assign the user the same privileges on the host.
|
Operation |
|||||
|---|---|---|---|---|---|---|
Object |
Privilege |
Back up a VM |
Back up a VM's disk |
Recover to a new VM |
Recover to an existing VM |
VA deployment |
Datastore |
Allocate space |
|
|
+ |
+ |
+ |
|
Browse datastore |
|
|
|
|
+ |
|
Configure datastore |
+ |
+ |
+ |
+ |
+ |
|
Low level file operations |
|
|
|
|
+ |
Global |
Licenses |
+ |
+ |
+ |
+ |
|
|
Disable methods |
+ |
+ |
|
|
|
|
Enable methods |
+ |
+ |
|
|
|
Host > Configuration |
VM autostart configuration |
|
|
|
|
+ |
Host > Inventory |
Modify cluster |
|
|
|
|
+ |
Host > Local operations |
Create VM |
|
|
|
|
+ |
|
Delete VM |
|
|
|
|
+ |
|
Reconfigure VM |
|
|
|
|
+ |
Network |
Assign network |
|
|
+ |
+ |
+ |
Resource |
Assign VM to resource pool |
|
|
+ |
+ |
+ |
vApp |
Import |
|
|
|
|
+ |
Virtual machine > Configuration |
Add existing disk |
+ |
+ |
+ |
|
|
|
Add new disk |
|
|
+ |
+ |
+ |
|
Add or remove device |
|
|
+ |
|
+ |
|
Advanced |
|
|
+ |
|
+ |
|
Change CPU count |
|
|
+ |
|
|
|
Disk lease |
+ |
+ |
|
|
|
|
Memory |
|
|
+ |
|
|
|
Remove disk |
+ |
+ |
+ |
+ |
|
|
Rename |
|
|
+ |
|
|
|
Settings |
|
|
|
+ |
|
Virtual machine > Interaction |
Configure CD media |
|
|
+ |
|
|
|
Console interaction |
|
|
|
|
+ |
|
Guest operating system management by VIX API |
|
|
|
|
+ |
|
Power off |
|
|
|
+ |
+ |
|
Power on |
|
|
+ |
+ |
+ |
Virtual machine > Inventory |
Create from existing |
|
|
+ |
+ |
|
|
Create new |
|
|
+ |
+ |
+ |
|
Move |
|
|
|
|
+ |
|
Remove |
|
|
+ |
+ |
+ |
Virtual machine > Provisioning |
Allow disk access |
|
|
+ |
+ |
|
|
Allow virtual machine download |
+ |
+ |
+ |
+ |
|
Virtual machine > State |
Create snapshot |
+ |
+ |
|
+ |
+ |
|
Remove snapshot |
+ |
+ |
|
+ |
+ |