Restrict the VMware Aria Automation and VMware Aria Automation Orchestrator Service Accounts Access to the Management Domain for Private Cloud Automation for VMware Cloud Foundation

Restrict access for the VMware Aria Automation and VMware Aria Automation Orchestrator to vSphere integration service accounts to the management domain vCenter Server inventory.

This procedure is not applicable to VMware Cloud Foundation with isolated VI workload domains.

Procedure

Log in to the management domain vCenter Server at https://<management_vcenter_server_fqdn>/ui by using an account with Administrator privileges.
From the Hosts and clusters inventory, select the management domain vCenter Server, and click the Permissions tab.
Select the service account for VMware Aria Automation to vSphere integration and click the Change role icon.
In the Change role dialog box, from the Role drop-down menu, select No Access, select the Propagate to children check box, and click OK.
Repeat steps 3 and 4 for the service account for VMware Aria Automation Orchestrator to vSphere integration.