Assign global permissions to the operations service accounts to access monitoring data from vCenter Server in vRealize Operations Manager.

  • The svc-vrops-vsphere user has the privileges to collect data from and perform actions on vCenter Server from vRealize Operations Manager.

  • The svc-vrops-nsx user has read-only access on all objects in vCenter Server.

  • The svc-vrops-mpsd and svc-vrops-vsan users have privileges for access to storage device and vSAN information, respectively, in vRealize Operations Manager on all objects in vCenter Server.

You assign global permissions that are based on the following roles to these service accounts:

Service Account

Role

[email protected]
vRealize Operations to vSphere Integration (Actions)
[email protected]

Read-only

[email protected]

vRealize Operations to vSphere Integration (Metrics)

[email protected]

vRealize Operations to vSphere Integration (Metrics)

Procedure

  1. In a Web browser, log in to vCenter Server by using the vSphere Client.
    Setting Value
    URL https://sfo01m01vc01.sfo01.rainpole.local/ui
    User name [email protected]
    Password vsphere_admin_password
  2. Select Menu > Administration.
  3. In the left pane, select Access control > Global permissions.
  4. Click the Add permission icon, enter these values, and click OK.

    Setting

    Value

    Domain

    rainpole.local

    User / Group

    svc-vrops-vsphere

    Role
    vRealize Operations to vSphere Integration (Actions)

    Propagate to children

    Selected
  5. Repeat the steps to assign global permissions to the remaining service accounts.