CloudShell Version: 9.3 GA

Help Version: 1.2

CloudShell
TestShell
Dev Guide
Api Guide
Troubleshooting
Release Notes
View / Download All Help Versions
Online Help

This help article applies to CloudShell 9.3. To see the latest, click here.

Required vCenter User Permissions per Deployment Type

To configure vCenter cloud providers, you must use a vCenter user that has a role with the required permissions for the specified deployment type on the root and child objects. Root-level permissions are required because in order to correctly identify each vCenter object (datacenter, templates, dvswitches, etc.) on your cloud provider resource, CloudShell needs to be able to access the vCenter object tree, starting with the root, which is the datacenter.

To set up the vCenter user(s) for CloudShell:

  1. In the vSphere Client's Administration area, in the Roles section, add or edit a role.

  2. Under All Privileges, grant the permissions for the desired deployment type(s):

    ClosedDeploy Clone VM from VM / Deploy VM from Linked Clone:
    • Datastore > Allocate space
    • Folder > Create folder
    • Host > Local operations > Create virtual machine
    • Host > Local operations > Delete virtual machine
    • Host > Local operations > Reconfigure virtual machine
    • Resource > Assign vApp to resource pool
    • Resource > Assign virtual machine to resource pool
    • Virtual machine > Interaction > Power Off
    • Virtual machine > Interaction > Power On
    • Virtual machine > Inventory > Create from existing
    • Virtual machine > Inventory > Remove
    • Virtual machine > Provisioning > Clone template
    • Virtual machine > Provisioning > Clone virtual machine
    • Virtual machine > Snapshot management > Create snapshot
    • Virtual machine > Snapshot management > Remove snapshot
    • Virtual machine > Snapshot management > Revert to snapshot
    ClosedDeploy VM from OVF image:
    • Datastore > Allocate space
    • Folder > Create folder
    • Network > Assign network
    • vApp > Import
    • Virtual machine > Configuration > Add new disk
    • Virtual machine > Configuration > Advanced
    • Virtual machine > Interaction > Device connection
    • Virtual machine > Inventory > Remove
    ClosedDeploy VM from Template:
    • Datastore > Allocate space
    • Folder > Create folder
    • Host > Local operations > Create virtual machine
    • Host > Local operations > Delete virtual machine
    • Host > Local operations > Reconfigure virtual machine
    • Resource > Assign vApp to resource pool
    • Resource > Assign virtual machine to resource pool
    • Virtual machine > Interaction > Power Off
    • Virtual machine > Interaction > Power On
    • Virtual machine > Inventory > Create from existing

    • Virtual machine > Inventory > Remove

    • Virtual machine > Provisioning > Deploy template
    ClosedConnectivity:
    • Virtual machine > Configuration > Modify device settings
    • Virtual machine > Configuration > Settings
    • dvPort group > Create
    • dvPort group > Delete
  3. Save your changes.

  4. After creating the role, add a permission to the root level of the vCenter Server.

    For example, "vcenter1.qualisystems.local":

  5. Add the users that will be used by vCenter cloud provider resources to deploy App VMs on the vCenter Server.
  6. Assign the new/updated role.
  7. Make sure the Propagate to Child Objects check box is selected.
  8. Save your changes.
Community
University
Support

Copyright © 2018 Quali