vSphere Replication Roles Reference

vSphere Replication includes a set of roles. Each role includes a set of privileges, which enable users with those roles to complete different actions.

For information about how to assign roles, see Assigning Roles in the vSphere Web Client in vSphere Security.

Note: When assigning permissions with no propagation, make sure that you have at least Read-only permission on all parent objects.

Table 1. vSphere Replication Roles
Role	Actions that this Role Permits	Privileges that this Role Includes	Objects in vCenter Server Inventory that this Role Can Access
VRM replication viewer	View replications. Cannot change replication parameters.	VRM remote.View VR VRM remote.View VRM VRM datastore mapper.View VRM replication.View replications Virtual machine.vSphere Replication.Monitor replication	vCenter Server root folder with propagation, at the source site (outgoing replications) and the target site (incoming replications). Alternatively, vCenter Server root folder without propagation on both sites and virtual machine without propagation on the source site.
VRM virtual machine replication user	View replications. Manage datastores. Configure and unconfigure replications. Manage and monitor replications. View defined storage capabilities and storage profiles. Requires a corresponding user with the same role on the target site and also vSphere Replication target datastore user role on the target data center, or datastore folder or each target datastore.	Datastore.Browse Datastore VRM remote.View VR VRM remote.View VRM VRM replication.View replications VRM datastore mapper.Manage VRM datastore mapper.View Host.vSphere Replication.Manage replication Virtual machine.vSphere Replication.Configure replication Virtual machine.vSphere Replication.Manage replication Virtual machine.vSphere Replication.Monitor replication Profile-driven storage .Profile-driven storage view	vCenter Server root folder with propagation on both sites. Alternatively, vCenter Server root folder without propagation on both sites, virtual machine without propagation on the source site, source datastores without propagation on the source site.
VRM administrator	Incorporates all vSphere Replication privileges.	VRM remote.Manage VR VRM remote.View VR VRM remote.Manage VRM VRM remote.View VRM VRM datastore mapper.Manage VRM datastore mapper.View VRM diagnostics .Manage VRM replication.View replications VRM session .Terminate Datastore.Browse datastore Datastore.Configure datastore Datastore.Low level file operations Host.vSphere Replication.Manage replication Resource.Assign virtual machine to resource pool Virtual machine.Configuration.Add existing disk Virtual machine.Configuration.Add or remove device Virtual machine.Interaction.Power On Virtual machine.Interaction.Device connection Virtual machine.Inventory.Register Virtual machine.Inventory.Unregister Virtual machine.vSphere Replication.Configure replication Virtual machine.vSphere Replication.Manage replication Virtual machine.vSphere Replication.Monitor replication Virtual machine.Snapshot management.Remove snapshot Profile-driven storage .Profile-driven storage view	vCenter Server root folder with propagation on both sites. Alternatively, vCenter Server root folder without propagation on both sites, virtual machine without propagation on the source site, target datastore, target virtual machine folder with propagation on the target site, target host or cluster with propagation on the target site.
VRM diagnostics	Generate, retrieve, and delete log bundles.	VRM remote.View VR VRM remote.View VRM VRM replication .View rеplication VRM diagnostics .Manage	vCenter Server root folder on both sites.
VRM target datastore user	Configure and reconfigure replications. Used on the target site in on the VRM virtual machine replication user role on both sites.	Datastore.Browse datastore Datastore.Low level file operations	Datastore objects on the target site, or datastore folder with propagation at the target site, or target data center with propagation.
VRM virtual machine recovery user	Recover virtual machines.	Datastore.Browse datastore Datastore.Low level file operations Host.vSphere Replication.Manage replication Virtual machine.Configuration.Add existing disk Virtual machine.Configuration.Add or remove device Virtual machine.Interaction.Power On Virtual machine.Interaction.Device connection Virtual machine.Inventory.Register Virtual machine.Inventory.Unregister Virtual machine.Snapshot management. Remove snapshot Resource.Assign virtual machine to resource pool	Secondary vCenter Server root folder with propagation. Alternatively, secondary vCenter Server root folder without propagation, target datastore without propagation, target virtual machine folder with propagation, target host, or cluster with propagation.