Create a user role in the vSphere client with privileges that are required for vRealize Suite Lifecycle Manager. The same role can be assigned to the user who can add a vCenter in vRealize Suite Lifecycle Manager.

Prerequisites

Verify that you have administrative privileges to add a role to a user or a user group. You must have administrative privileges to use vCenter.

If you are using vCenter deployed on VMware Cloud on AWS SDDC, then you must use the available CloudAdmin role. For more information about VMware Cloud on AWS on vCenter, refer to the VMware Cloud on AWS product documentation.

When you deploy a VMware Cloud on AWS on vCenter, you can use the default CloudAdmin role. To learn more about cloud administrator privileges, refer to CloudAdmin Privileges documentation.

Procedure

  1. Log in to vCenter by using the vSphere client.
  2. On the home page of vSphere client, click Roles under Administration.
  3. Create a role for all system interactions between vRealize Suite Lifecycle Manager and vCenter.
  4. Clone Read-only and provide a name to the role.
  5. In the Create Role dialog box, configure the role using the following configuration settings, and click Next.
    Setting Value
    Role Name vRealize Suite Lifecycle Manager
    Privilege
    • Datastore
      • You can select All privileges.
    • Host.Local
      • Operations- Add Host to vCenter
      • Operations - Create Virtual Machine
      • Operations - Delete Virtual Machine
      • Operations - Reconfigure Virtual Machine
      • Inventory - Modify - Cluster
    • Network
      • Assign Network
    • Resource
      • Assign vApp to Resource Pool
      • Assign Virtual Machine to Resource Pool
    • vApp
      • You can select All privileges.
    • Virtual Machines
      • You can select All privileges.
    • Content Library
      • You can select All privileges.
    This role inherits the System Anonymous, System View, and System Read privileges.
    Note: You should have permissions to create a content library. The content library uses a datastore to store all templates, so you require permission to access, read, and write on the same datastore. All privileges under datastore and content library are needed.
  6. Provide a name to the new role and click Finish.
  7. Select Global Permissions under Administration and click Manage.
  8. To add permissions, click the plus sign.
  9. Select the user and role that you have created, and click OK.