> Software > Virtualization > VMware Cloud Director

Permissions for VMware Cloud Director User Accounts

The Commvault software requires the following permissions for a VMware Cloud Director user account that you use when configuring the VMware Cloud Director hypervisor or Commvault plug-in. This minimizes unauthorized access and helps avoid potential security risks in your VMware Cloud Director environment.

Access Control

Organization

  • Allow Access to All Organization VDCs

  • View the AMQP settings

  • View API Explorer

  • View the Content Hub External Source

  • View Content Hub External Source ACL

  • View Catalog ACL

  • View the Kerberos settings

  • View the LDAP settings

  • View Log Provider

  • Enable OIDC Server

  • View Organization Networks

  • View Access Control List of Organization VDCs

  • View Organization Administrative Details

  • View Organization Associations

  • View OAuth Settings

  • View the System Organization settings

  • View the VMware Cloud Director settings

  • View vApp ACL

  • View Right

  • View Rights Bundle

Role

  • View Global Role

User

  • View Users and Groups

  • Limited Service Accounts View

  • View Service Accounts

Administration

General

  • View Advisories

  • View CORS Allowed Origins

  • View Cell Configuration

  • View Certificates Library

  • View General ACL

  • Administrator View

  • View Error Details

  • View License Report

  • View all named credentials

  • View named credentials managed by a user

  • View Shared Compute Policy

  • Perform administrator queries

  • View Quota Policy Capabilities

  • View Quota Policy

  • View SSL Settings

  • Test Connection

  • View Proxy Rules

  • View task information

  • View Trusted Certificates

  • View vGPU Profile Consumption

  • View vGPU Profiles

  • Send Notification

  • Execute System Operations

  • Resume / Cancel / Fail a Task

  • Update Task

Health

  • Allow access to metrics endpoint

Multisite

  • View site

  • Multisite System Operations

  • Edit site

Compute

Organization VDC

  • View Alternate Admin version of Compute Policies for an Organization VDC

  • Limited Admin View

  • View Compute Policies for an Organization VDC

  • View Disk IOPS

  • View Disk Encryption Status

  • View Disk Properties

  • View Organization VDC Resource Pool

  • View Organization VDC Storage Policy Capabilities

  • View Organization VDC Extended Properties

  • View Organization VDCs

  • View Organization VDC Memory and CPU Reservation

  • View stranded items

  • Change Owner

  • Create a Disk

  • Delete a Disk

  • Edit Disk Properties

  • Move a Disk

  • Create a Shared Disk

  • Manage stranded items

Provider VDC

  • View Compute Policies for a Provider VDC

  • View Provider VDC Resource Pool

  • View Provider VDC Storage Policy Grant

  • Limited Provider VDC Storage Policy View

  • View Provider VDC Storage Policy

  • Limited Provider VDC View

  • View Provider VDC

  • View Provider VDC Grant

vApp

  • View vApp Shadow VMs

  • View Encryption Status of VMs and VM's disks

  • View VM metrics

  • Change vApp Template Owner

  • Import vApp Template

  • Preserve All ExtraConfig Elements During OVF Import and Export

  • Preserve Ethernet-Coalescing ExtraConfig Elements During OVF Import and Export

  • Preserve Latency ExtraConfig Elements During OVF Import and Export

  • Preserve ExtraConfig Elements During OVF Import and Export if they match patterns specified by the system administrator in the 'vapp.allowed.extra.config' configuration property

  • Preserve NUMA Node Affinity ExtraConfig Elements During OVF Import and Export

  • Change Owner

  • Copy a vApp

  • Create / Reconfigure a vApp

  • Delete a vApp

  • Edit vApp Properties

  • Edit VM Compute Policy

  • Edit VM CPU

  • Edit VM CPU and Memory Reservation / Limit / Shares in all VDC types

  • Edit VM Hard Disk

  • Edit VM Memory

  • Edit VM Network

  • Edit VM Properties

  • Enter / Exit vApp Maintenance Mode

  • Import vApp

  • Manage maintenance mode for vApps

  • Start / Stop / Suspend / Reset a vApp

  • Share a vApp

  • Create / Revert / Remove a Snapshot

  • Upload a vApp

  • Edit / View VM Boot Options

  • View Compliance of vApp VMs

  • Migrate / Force Undeploy / Relocate / Consolidate vApp VMs

  • Allow metadata mapping domain to vCenter

Organization VDC Template

  • View vDC template extended properties

  • View vDC templates

VM Monitoring

  • View historic metrics for the Organization VDC

  • View historic metrics for the organization

Extensions

Additional Services

  • View Running Workflows

  • View Available Workflows

Custom Entity

  • View all custom entity instances in org

  • View any custom entity definition

  • View custom entity definition

  • View custom entity instance

Metadata

  • Metadata File Entry: Create/Modify

Service Applications

  • View Service Applications

  • Register VMC SDDC

Service Library

  • View services making up the service library

VMware Cloud Director Extension

  • View Access Control List

  • View Alternate Admin version of Entity

  • View Extension Service API Definitions

  • View Registered Extension Services

  • View all Extensions

  • View External Service

  • View Object Extensions

  • View Resource Class Action

  • View Selector Extensions

  • View Service Configuration

  • View Service Links

  • View Service Resource Type

  • View Service Resource

  • View Tenant Portal Plugin Information

  • View VMware Cloud Director Extension

Infrastructure

Datastore

  • View Datastore

Host

  • View Host

Resource Pool

  • View the resource pools for adoption from vSphere

  • Open Resource Pool

  • View Resource Pool

SDDC

  • View SDDC

vCenter

  • View vCenter

  • View vCenter server

  • Refresh vCenter

Libraries

Catalog

  • View Catalog vApp Shadow VMs

  • View Private and Shared Catalogs within Current Organization

  • View Shared Catalogs from Other Organizations

  • View the content library system settings

  • Create / Delete a Catalog

  • Edit Catalog Properties

Catalog Item

  • View vApp Templates / Media

  • Copy / Move a vApp Template / Media

  • Create / Upload a vApp Template / Media

  • Edit vApp Template / Media Properties

Networking

Distributed Firewall

  • View Distributed Firewall Rules

Edge Cluster

  • View Edge Cluster

  • View Edge Cluster Grant

Edge Gateway

  • View Gateway

Edge Gateway Services

  • BGP Routing View Only

  • DHCP View Only

  • Edge Gateway DNS View Only

  • Firewall View Only

  • IPSEC VPN View Only

  • L2 VPN View Only

  • Load Balancer View Only

  • NAT View Only

  • OSPF Routing View Only

  • Remote Access View Only

  • View Route Advertisement

  • View SLAAC Profile

  • SSL VPN View Only

  • Static Routing View Only

IP Spaces

  • View IP Spaces

  • View System IP Spaces

Organization VDC Network

  • View Properties

Network Pool

  • View Network Pool

  • View Network Pool Grant

Provider Gateway Services

  • View Limited Provider Gateway BGP

  • View Provider Gateway Firewall

  • View Provider Gateway GRE Tunnels

  • View Provider Gateway IPSec VPN

  • View Provider Gateway NAT

  • View Provider Gateway Routing (Simple View)

  • View Provider Gateway Routing

  • View Limited Provider Gateway

Provider Network

  • View NSX-T Manager Registration

  • View Provider Network

Segment Profile Templates

  • View Segment Profile Templates

VDC Group

  • View VDC Group

Other

Annotation

  • Administrator View

  • View

Branding UI Theme

  • Administrator View

  • View

Service

  • Administrator View

  • View

Solution Add-On

  • Administrator View

  • View

  • Administrator Full Control

  • Full Control

  • Edit

Solution Add-On EntityInstance

  • Administrator View

  • View

  • Administrator Full Control

  • Full Control

  • Edit

Solution Add-On Transaction

  • Administrator View

  • View

  • Administrator Full Control

  • Full Control

  • Edit

×

Loading...