To provision virtual machines and network services, configure privileges for vRealize Automation on both the VI workload domain vCenter Server instance and the VI workload domain NSX Manager.
Procedure
Define Custom Roles in vSphere for vRealize Automation and vRealize Orchestrator for Private Cloud Automation for VMware Cloud Foundation vRealize Automation and vRealize Orchestrator with vSphere, create custom vSphere roles in the vSphere Client with the required privileges.Configure Service Account Permissions for the vRealize Automation and vRealize Orchestrator Integrations to vSphere for Private Cloud Automation for VMware Cloud Foundation vRealize Automation and vRealize Orchestrator to vSphere integrations.Restrict the vRealize Automation and vRealize Orchestrator Service Accounts Access to the Management Domain for Private Cloud Automation for VMware Cloud Foundation vRealize Automation and vRealize Orchestrator to vSphere integration service accounts to the management domain vCenter Server inventory.Restrict the vRealize Automation and vRealize Orchestrator Service Accounts Access to Virtual Machine and Datastore Folders in the VI Workload Domain for Private Cloud Automation for VMware Cloud Foundation vRealize Automation and vRealize Orchestrator service accounts to the NSX Edge virtual machine folder, the local datastore folders, and the read-only datastore folders in the VI workload domain vCenter Server inventory.Configure Service Account Permissions for the vRealize Automation to NSX-T Integration on the VI Workload Domain NSX Manager Cluster for Private Cloud Automation vRealize Automation to NSX-T Data Center integration, you assign the Enterprise administrator role in the VI workload domain NSX Manager cluster to the integration account.
