PowerProtect Data Manager 19.16 Virtual Machine User Guide

Specify the required privileges for a dedicated cloud-based vCenter user account

You can use the vSphere Client to specify the required privileges for the dedicated cloud-based vCenter user account, or you can use the PowerCLI, which is an interface for managing vSphere.

The following table includes the privileges required for this user.

NOTE:If using a dedicated cloud-based vCenter user account for performing a Create and Restore to New VM, an additional privilege, CloudAdminRestrictedAccess, needs to be added at the vmc-hostswitch level. If this privilege is not added, the restore might complete with a warning and the restored virtual machine might fail to connect to the network.

NOTE:For the privileges required when administering on-premises PowerProtect Data Manager, see Specify the required privileges for a dedicated vCenter user account.

Table 1. Minimum required cloud-based vCenter user account privileges Minimum required cloud-based vCenter user account privileges
Setting	vCenter 6.7 and later required privileges	PowerCLI equivalent required privileges
Alarms	Create alarm Modify alarm	$privileges = @( 'System.Anonymous', 'System.View', 'System.Read', 'Alarm.Create', 'Alarm.Edit', 'Cryptographer.Access', 'Datastore.Browse', 'Datastore.DeleteFile', 'Datastore.FileManagement', 'Datastore.AllocateSpace', 'Datastore.Config', 'Folder.Create', 'Global.ManageCustomFields', 'Global.SetCustomField', 'Global.LogEvent', 'Global.CancelTask', 'InventoryService.Tagging.AttachTag', 'InventoryService.Tagging.ObjectAttachable', 'InventoryService.Tagging.CreateTag', 'InventoryService.Tagging.CreateCategory', 'Network.Assign', 'Resource.AssignVMToPool', 'Resource.HotMigrate', 'Resource.ColdMigrate', 'Sessions.ValidateSession', 'StorageProfile.View', 'VApp.ApplicationConfig', 'VApp.Export', 'VApp.Import', 'VirtualMachine.Config.Rename', 'VirtualMachine.Config.Annotation', 'VirtualMachine.Config.AddExistingDisk', 'VirtualMachine.Config.AddNewDisk', 'VirtualMachine.Config.RemoveDisk', 'VirtualMachine.Config.RawDevice', 'VirtualMachine.Config.HostUSBDevice', 'VirtualMachine.Config.CPUCount', 'VirtualMachine.Config.Memory', 'VirtualMachine.Config.AddRemoveDevice', 'VirtualMachine.Config.EditDevice', 'VirtualMachine.Config.Settings', 'VirtualMachine.Config.Resource', 'VirtualMachine.Config.UpgradeVirtualHardware', 'VirtualMachine.Config.ResetGuestInfo', 'VirtualMachine.Config.AdvancedConfig', 'VirtualMachine.Config.DiskLease', 'VirtualMachine.Config.SwapPlacement', 'VirtualMachine.Config.DiskExtend', 'VirtualMachine.Config.ChangeTracking', 'VirtualMachine.Config.ReloadFromPath', 'VirtualMachine.Config.ManagedBy', 'VirtualMachine.GuestOperations.Query', 'VirtualMachine.GuestOperations.Modify', 'VirtualMachine.GuestOperations.Execute', 'VirtualMachine.Interact.PowerOn', 'VirtualMachine.Interact.PowerOff', 'VirtualMachine.Interact.Reset', 'VirtualMachine.Interact.ConsoleInteract', 'VirtualMachine.Interact.DeviceConnection', 'VirtualMachine.Interact.SetCDMedia', 'VirtualMachine.Interact.ToolsInstall', 'VirtualMachine.Interact.GuestControl', 'VirtualMachine.Inventory.Create', 'VirtualMachine.Inventory.Register', 'VirtualMachine.Inventory.Delete', 'VirtualMachine.Inventory.Unregister', 'VirtualMachine.Provisioning.DiskRandomAccess', 'VirtualMachine.Provisioning.DiskRandomRead', 'VirtualMachine.Provisioning.GetVmFiles', 'VirtualMachine.Provisioning.MarkAsTemplate', 'VirtualMachine.State.CreateSnapshot', 'VirtualMachine.State.RevertToSnapshot', 'VirtualMachine.State.RemoveSnapshot' ) New-VIRole -Name 'PowerProtect' -Privilege (Get-VIPrivilege -Id $privileges)
Cryptographic operations	Direct Access NOTE:This only applies to AVS and GCVE.
Datastore	Allocate space Browse datastore Configure datastore Low level file operations Remove file
Folder	Create folder
Global	Cancel task Log event Manage custom attributes Set custom attribute
vSphere Tagging	Assign or Unassign vSphere Tag Assign or Unassign vSphere Tag on Object NOTE:This only applies to vCenter 7.0 and later. Create vSphere Tag Create vSphere Tag Category
Network	Assign network
Resource	Assign virtual machine to resource pool Migrate powered off virtual machine Migrate powered on virtual machine
Sessions	Validate session
Profile-driven storage	Profile-driven storage view
vApp	Export Import vApp application configuration
Virtual Machine
Change Configuration	Acquire disk lease Add existing disk Add new disk Add or remove device Advanced configuration Change CPU count Change Memory Change Settings Change Swapfile placement Change resource Configure Host USB device Configure Raw device Configure managedby Extend virtual disk Modify device settings Reload from path Remove disk Rename Reset guest information Set annotation Toggle disk change tracking Upgrade virtual machine compatibility
Edit Inventory	Create new Register Remove Unregister
Guest operations	Guest operation modifications Guest operation program execution Guest operation queries
Interaction	Configure CD media Connect devices Console interaction Guest operating system management by VIX API Install VMware Tools Power off Power on Reset
Provisioning	Allow disk access Allow read-only disk access Allow virtual machine download Mark as template
Snapshot Management	Create snapshot Remove snapshot Revert to snapshot

Welcome

Welcome to Dell

PowerProtect Data Manager 19.16 Virtual Machine User Guide

Specify the required privileges for a dedicated cloud-based vCenter user account

Rate this content