To give the Skyline Collector instances rights to collect data from the vSphere endpoints, first create a user role with the required minimum privileges on the vCenter Server instances in the SDDC.


  1. Log in to vCenter Server by using the vSphere Client.
    1. Open a Web browser and go to https://sfo01m01vc01.sfo01.rainpole.local/ui.
    2. Log in by using the following credentials.
      Setting Value
      User name administrator@vsphere.local
      Password vsphere_admin_password
  2. On the Home page of the vSphere Client, in the navigation pane, select Administration.
  3. On the Administration page, select Roles.
  4. Create a role for the Skyline Collector instances.
    1. From the Roles provider drop-down menu, select sfo01m01vc01.sfo01.rainpole.local.
    2. Select Read-only and click the Clone role action icon.

      You clone the Read-only role because it includes the System.AnonymousSystem.View, and System.Read privileges. The Skyline Collector instances require these privileges to collect information from the vCenter Server endpoint in each workload domain and the vSphere infrastructure components.

    3. In the Clone Role dialog box, enter the name of the role and click OK



      Role name

      Skyline Collector User

  5. To grant the Skyline Collector instances access to license data in vSphere, assign the Global.Licenses privilege to the role.
    1. From the list of Roles, select the Skyline Collector User role.
    2. Click the Edit role action icon.
    3. On the Edit Role dialog box, select Global in the left pane and select Licenses in the right pane.
    4. Click Next and click Finish.


The Skyline Collector user role is propagated to the other linked vCenter Server instances.