Procedure

1. Log in to the VI workload domain vCenter Server at https://<vi_workload_domain_vcenter_server_fqdn>/ui by using an account with Administrator privileges.

2. From the vSphere Client menu, select Administration.

3. In the left pane, select Access Control > Roles.

4. From the Roles provider drop-down menu, select the Single Sign-On domain.

5. Create a role for VMware Aria Automation in vSphere.

   1. Click New.

   2. In the Role name text box, enter VMware Aria Automation to vSphere Integration.

   3. Configure the privileges and click Create.

      Category	Privilege
      Content Library	Add library item
      	Create local library
      	Create subscribed library
      	Delete library item
      	Delete local library
      	Delete subscribed library
      	Download files
      	Evict library item
      	Evict subscribed library
      	Probe subscription information
      	Read storage
      	Sync library item
      	Sync subscribed library
      	Type introspection
      	Update configuration settings
      	Update files
      	Update library
      	Update library item
      	Update local library
      	Update subscribed library
      	View configuration settings
      Datastore	Allocate space
      	Browse datastore
      	Low level file operations
      Datastore Cluster	Configure a datastore cluster
      Folder	Create folder
      	Delete folder
      Global	Manage custom attributes
      	Set custom attribute
      Network	Assign network
      Permissions	Modify permission
      Profile-driven storage (Not available for VMware Cloud Foundation 5.x)	Profile-driven storage view
      Resource	Assign virtual machine to resource pool
      	Migrate powered off virtual machine
      	Migrate powered on virtual machine
      vApp	Import
      	vApp application configuration
      Virtual Machine	Change Configuration.Add existing disk
      	Change Configuration.Add new disk
      	Change Configuration.Add or remove device
      	Change Configuration.Advanced configuration
      	Change Configuration.Change CPU count
      	Change Configuration.Change Memory
      	Change Configuration.Change Settings
      	Change Configuration.Change Swapfile placement
      	Change Configuration.Change resource
      	Change Configuration.Extend virtual disk
      	Change Configuration.Modify device settings
      	Change Configuration.Remove Disk
      	Change Configuration.Rename
      	Change Configuration.Set annotation
      	Change Configuration.Toggle disk change tracking
      	Edit Inventory.Create from existing
      	Edit Inventory.Create new
      	Edit Inventory.Move
      	Edit Inventory.Remove
      	Interaction.Configure CD media
      	Interaction.Connect devices
      	Interaction.Console interaction
      	Interaction.Install VMware Tools
      	Interaction.Power off
      	Interaction.Power on
      	Interaction.Reset
      	Interaction.Suspend
      	Provisioning.Clone template
      	Provisioning.Clone virtual machine
      	Provisioning.Customize guest
      	Provisioning.Deploy template
      	Provisioning.Read customization specifications
      	Snapshot management.Create snapshot
      	Snapshot management.Remove snapshot
      	Snapshot management.Revert to snapshot
      vSphere Tagging	Assign or unassign vSphere tag
      	Assign or unassign vSphere tag on object
      	Create a vSphere tag
      	Create a vSphere tag category
      	Delete vSphere tag
      	Delete vSphere tag category
      	Edit vSphere tag
      	Edit vSphere tag category
      	Modify UsedBy field for category
      	Modify UsedBy field for tag

6. Create a role for VMware Aria Automation Orchestrator in vSphere.

   1. Select the Administrator role and click Clone.

   2. In the Clone role dialog box, enter VMware Aria Automation Orchestrator to vSphere Integration and click OK.

7. Repeat the procedure for each isolated VI workload domain vCenter Server.