CloudShell Version: 2023.3 GA
Guide Version: 1.0
View / Download All Help Versions

Required vCenter User Permissions per Deployment Type

To configure vCenter cloud providers, you must use a vCenter user that has a role with the required permissions for the specified deployment type on the root and child objects. Root-level permissions are required because in order to correctly identify each vCenter object (datacenter, templates, dvswitches, etc.) on your cloud provider resource, CloudShell needs to be able to access the vCenter object tree, starting with the root, which is the datacenter.

To set up the vCenter user(s) for CloudShell:

  1. In the vSphere Client's Administration area, in the Roles section, add or edit a role.

  2. Grant the permissions for the desired deployment type(s):

    Permissions for App deployments:

    Permissions for Sandbox Save and Restore:

  3. Click Next.

  4. Set the Role name, as appropriate.
  5. Click Finish.
  6. After creating the role, add a permission to the root level of the vCenter Server.

    For example, "vcenter1.qualisystems.local":

  7. Add the User that will be used by vCenter cloud provider resources to deploy App VMs on the vCenter Server.
  8. Assign the new/updated Role.
  9. Make sure the Propagate to children check box is selected.
  10. Click OK.