Assign a user role in vCenter

Create a user role in the vSphere client with privileges that are required for vRealize Suite Lifecycle Manager. The same role can be assigned to the user who can add a vCenter in vRealize Suite Lifecycle Manager.

Prerequisites

Verify that you have administrative privileges to add a role to a user or a user group. You must have administrative privileges to use vCenter.

If you are using vCenter deployed on VMware Cloud on AWS SDDC, then you must use the available CloudAdmin role. For more information about VMware Cloud on AWS on vCenter, refer to the VMware Cloud on AWS product documentation.

When you deploy a VMware Cloud on AWS on vCenter, you can use the default CloudAdmin role. To learn more about cloud administrator privileges, refer to CloudAdmin Privileges documentation.

Procedure

Log in to vCenter by using the vSphere client.
On the home page of vSphere client, click Roles under Administration.
Create a role for all system interactions between vRealize Suite Lifecycle Manager and vCenter.
Clone Read-only and provide a name to the role.

In the Create Role dialog box, configure the role using the following configuration settings, and click Next.

Setting	Value
Role Name	vRealize Suite Lifecycle Manager
Privilege	Datastore You can select All privileges. Host.Local Operations- Add Host to vCenter Operations - Create Virtual Machine Operations - Delete Virtual Machine Operations - Reconfigure Virtual Machine Inventory - Modify - Cluster Network Assign Network Resource Assign vApp to Resource Pool Assign Virtual Machine to Resource Pool vApp You can select All privileges. Virtual Machines You can select All privileges. Content Library You can select All privileges.

Setting

Value

Role Name

vRealize Suite Lifecycle Manager

Privilege

Datastore
- You can select All privileges.
Host.Local
- Operations- Add Host to vCenter
- Operations - Create Virtual Machine
- Operations - Delete Virtual Machine
- Operations - Reconfigure Virtual Machine
- Inventory - Modify - Cluster
Network
- Assign Network
Resource
- Assign vApp to Resource Pool
- Assign Virtual Machine to Resource Pool
vApp
- You can select All privileges.
Virtual Machines
- You can select All privileges.
Content Library
- You can select All privileges.

This role inherits the System Anonymous, System View, and System Read privileges.

Note: You should have permissions to create a content library. The content library uses a datastore to store all templates, so you require permission to access, read, and write on the same datastore. All privileges under datastore and content library are needed.

Provide a name to the new role and click Finish.
Select Global Permissions under Administration and click Manage.
To add permissions, click the plus sign.
Select the user and role that you have created, and click OK.