VMware Live Site Recovery provides disaster recovery by performing operations for users. These operations involve managing objects, such as recovery plans or protection groups, and performing operations, such as replicating or powering off virtual machines. VMware Live Site Recovery uses roles and permissions so that only users with the correct roles and permissions can perform operations.
VMware Live Site Recovery adds several roles to vCenter Server, each of which includes privileges to complete VMware Live Site Recovery and vCenter Server tasks. You assign roles to users to permit them to complete tasks in VMware Live Site Recovery.
- Privilege
- The right to perform an action, for example to create a recovery plan or to modify a protection group.
- Role
- A collection of privileges. Default roles provide the privileges that certain users require to perform a set of VMware Live Site Recovery tasks, for example users who manage protection groups or perform recoveries. A user can have at most one role on an object, but roles can be combined if the user belongs to multiple groups that all have roles on the object.
- Permission
- A role granted to a particular user or user group on a specific object. A user or user group is also known as a principal. A permission is a combination of a role, an object, and a principal. For example, a permission is the privilege to modify a specific protection group.
For information about the roles that VMware Live Site Recovery adds to vCenter Server and the privileges that users require to complete tasks, see VMware Live Site Recovery Roles Reference.
