Replications to the cloud require certain users, roles, and permissions.
vSphere Web Client
On the source vSphere site, you need the same credentials as the ones required for vSphere Replication. See vSphere Replication Roles Reference.
vCloud User Credentials
When you create a connection to the target virtual data center, you provide two pairs of credentials.
Used to authenticate within the cloud organization, these credentials initiate a user session with your cloud provider. The privileges for your user account are managed by your cloud provider.
Credentials to the cloud are required for each target site, once per user session, and not per operation in the vSphere Web Client. When the authenticated user session to a target site expires, users are prompted to input their credentials again.
System Monitoring Credentials
Used at runtime to let the source and the target site communicate. These credentials are stored in the vSphere Replication appliance on the source site. The user that you provide should be assigned the vSphere Replication role, or the following rights in your cloud organization .
Although you can use the same credentials for both connection and system monitoring, a good practice is to use different pairs of credentials.