You can create a restricted vCenter Server user with the Cyber Recovery connector CLI, to ensure that the connector can only access vCenter Server with a minimal set of privileges.
You can create this user manually using the Cyber Recovery connector CLI, or you can run a script provided by VMware Live Cyber Recovery that creates a user, and then applies specific roles with only the privileges required for DR operations.
Once you create the user, you can then register vCenter Server with the Cyber Recovery connector, using this new user to authenticate with vCenter Server.
Before you use this feature, consider the following:
- Manually creating a user can be error prone.
- Determine when the password for the provided account expires and manually change the password before its expiration.
- Manually update the user account to provide privileges to perform failback, so that failback privileges are only available when you run a failback recovery plan.