Poiché VMware esegue l'amministrazione dell'host e altre attività per conto dell'utente, un'amministratore del cloud necessita di meno privilegi rispetto a un utente amministratore in un data center locale.
Il ruolo CloudAdmin dispone di una serie di privilegi generati dinamicamente per l'SDDC. Includono la maggior parte dei privilegi disponibili in tutte le categorie. Per visualizzare i privilegi concessi al ruolo CloudAdmin, accedere a SDDC vSphere Client, fare clic su , selezionare CloudAdmin nell'elenco di ruoli, quindi fare clic su PRIVILEGI.
Per recuperare l'elenco di privilegi per il ruolo CloudAdmin nell'SDDC, è inoltre possibile utilizzare un frammento di PowerShell come questo.
$vmcUserName = "CloudAdmin"
$authMgr = Get-View $global:DefaultVIServer.ExtensionData.Content.AuthorizationManager
Write-Host "vCenter Version: $($global:DefaultVIServer.ExtensionData.Content.About.Version)"
Write-Host "Build: $($global:DefaultVIServer.ExtensionData.Content.About.Build)"
($authMgr.RoleList | where {$_.Name -eq $vmcUserName}).Privilege
Il ruolo CloudAdmin ha i seguenti privilegi in SDDC versione 1.18.
vCenter Version: 7.0.3, Build: 19584923 Alarm.Acknowledge Alarm.Create Alarm.Delete Alarm.DisableActions Alarm.Edit Alarm.SetStatus Authorization.ModifyPermissions Authorization.ModifyRoles CertificateManagement.Manage Cns.Searchable ComputePolicy.Manage ContentLibrary.AddCertToTrustStore ContentLibrary.AddLibraryItem ContentLibrary.CheckInTemplate ContentLibrary.CheckOutTemplate ContentLibrary.CreateLocalLibrary ContentLibrary.CreateSubscribedLibrary ContentLibrary.DeleteCertFromTrustStore ContentLibrary.DeleteLibraryItem ContentLibrary.DeleteLocalLibrary ContentLibrary.DeleteSubscribedLibrary ContentLibrary.DownloadSession ContentLibrary.EvictLibraryItem ContentLibrary.EvictSubscribedLibrary ContentLibrary.GetConfiguration ContentLibrary.ImportStorage ContentLibrary.ProbeSubscription ContentLibrary.ReadStorage ContentLibrary.SyncLibrary ContentLibrary.SyncLibraryItem ContentLibrary.TypeIntrospection ContentLibrary.UpdateConfiguration ContentLibrary.UpdateLibrary ContentLibrary.UpdateLibraryItem ContentLibrary.UpdateLocalLibrary ContentLibrary.UpdateSession ContentLibrary.UpdateSubscribedLibrary Datastore.AllocateSpace Datastore.Browse Datastore.Config Datastore.DeleteFile Datastore.FileManagement Datastore.UpdateVirtualMachineFiles Datastore.UpdateVirtualMachineMetadata Extension.Register Extension.Unregister Extension.Update Folder.Create Folder.Delete Folder.Move Folder.Rename Global.CancelTask Global.GlobalTag Global.Health Global.LogEvent Global.ManageCustomFields Global.ServiceManagers Global.SetCustomField Global.SystemTag HLM.Manage Host.Hbr.HbrManagement InventoryService.Tagging.AttachTag InventoryService.Tagging.CreateCategory InventoryService.Tagging.CreateTag InventoryService.Tagging.DeleteCategory InventoryService.Tagging.DeleteTag InventoryService.Tagging.EditCategory InventoryService.Tagging.EditTag InventoryService.Tagging.ModifyUsedByForCategory InventoryService.Tagging.ModifyUsedByForTag InventoryService.Tagging.ObjectAttachable Namespaces.Configure Namespaces.SelfServiceManage Network.Assign Resource.ApplyRecommendation Resource.AssignVAppToPool Resource.AssignVMToPool Resource.ColdMigrate Resource.CreatePool Resource.DeletePool Resource.EditPool Resource.HotMigrate Resource.MovePool Resource.QueryVMotion Resource.RenamePool ScheduledTask.Create ScheduledTask.Delete ScheduledTask.Edit ScheduledTask.Run Sessions.GlobalMessage Sessions.ValidateSession StorageProfile.Update StorageProfile.View StorageViews.View System.Anonymous System.Read System.View Trust.Manage VApp.ApplicationConfig VApp.AssignResourcePool VApp.AssignVApp VApp.AssignVM VApp.Clone VApp.Create VApp.Delete VApp.Export VApp.ExtractOvfEnvironment VApp.Import VApp.InstanceConfig VApp.ManagedByConfig VApp.Move VApp.PowerOff VApp.PowerOn VApp.Rename VApp.ResourceConfig VApp.Suspend VApp.Unregister VirtualMachine.Config.AddExistingDisk VirtualMachine.Config.AddNewDisk VirtualMachine.Config.AddRemoveDevice VirtualMachine.Config.AdvancedConfig VirtualMachine.Config.Annotation VirtualMachine.Config.CPUCount VirtualMachine.Config.ChangeTracking VirtualMachine.Config.DiskExtend VirtualMachine.Config.DiskLease VirtualMachine.Config.EditDevice VirtualMachine.Config.HostUSBDevice VirtualMachine.Config.ManagedBy VirtualMachine.Config.Memory VirtualMachine.Config.MksControl VirtualMachine.Config.QueryFTCompatibility VirtualMachine.Config.QueryUnownedFiles VirtualMachine.Config.RawDevice VirtualMachine.Config.ReloadFromPath VirtualMachine.Config.RemoveDisk VirtualMachine.Config.Rename VirtualMachine.Config.ResetGuestInfo VirtualMachine.Config.Resource VirtualMachine.Config.Settings VirtualMachine.Config.SwapPlacement VirtualMachine.Config.UpgradeVirtualHardware VirtualMachine.GuestOperations.Execute VirtualMachine.GuestOperations.Modify VirtualMachine.GuestOperations.ModifyAliases VirtualMachine.GuestOperations.Query VirtualMachine.GuestOperations.QueryAliases VirtualMachine.Hbr.ConfigureReplication VirtualMachine.Hbr.MonitorReplication VirtualMachine.Hbr.ReplicaManagement VirtualMachine.Interact.AnswerQuestion VirtualMachine.Interact.Backup VirtualMachine.Interact.ConsoleInteract VirtualMachine.Interact.CreateScreenshot VirtualMachine.Interact.DefragmentAllDisks VirtualMachine.Interact.DeviceConnection VirtualMachine.Interact.DnD VirtualMachine.Interact.GuestControl VirtualMachine.Interact.Pause VirtualMachine.Interact.PowerOff VirtualMachine.Interact.PowerOn VirtualMachine.Interact.PutUsbScanCodes VirtualMachine.Interact.Reset VirtualMachine.Interact.SESparseMaintenance VirtualMachine.Interact.SetCDMedia VirtualMachine.Interact.SetFloppyMedia VirtualMachine.Interact.Suspend VirtualMachine.Interact.ToolsInstall VirtualMachine.Inventory.Create VirtualMachine.Inventory.CreateFromExisting VirtualMachine.Inventory.Delete VirtualMachine.Inventory.Move VirtualMachine.Inventory.Register VirtualMachine.Inventory.Unregister VirtualMachine.Namespace.Event VirtualMachine.Namespace.EventNotify VirtualMachine.Namespace.Management VirtualMachine.Namespace.ModifyContent VirtualMachine.Namespace.Query VirtualMachine.Namespace.ReadContent VirtualMachine.Provisioning.Clone VirtualMachine.Provisioning.CloneTemplate VirtualMachine.Provisioning.CreateTemplateFromVM VirtualMachine.Provisioning.Customize VirtualMachine.Provisioning.DeployTemplate VirtualMachine.Provisioning.DiskRandomAccess VirtualMachine.Provisioning.DiskRandomRead VirtualMachine.Provisioning.FileRandomAccess VirtualMachine.Provisioning.GetVmFiles VirtualMachine.Provisioning.MarkAsTemplate VirtualMachine.Provisioning.MarkAsVM VirtualMachine.Provisioning.ModifyCustSpecs VirtualMachine.Provisioning.PromoteDisks VirtualMachine.Provisioning.PutVmFiles VirtualMachine.Provisioning.ReadCustSpecs VirtualMachine.State.CreateSnapshot VirtualMachine.State.RemoveSnapshot VirtualMachine.State.RenameSnapshot VirtualMachine.State.RevertToSnapshot VirtualMachineClasses.Manage Vsan.Cluster.ShallowRekey vService.CreateDependency vService.DestroyDependency vService.ReconfigureDependency vService.UpdateDependency vSphereDataProtection.Protection vSphereDataProtection.Recovery
Per ulteriori informazioni sulle autorizzazioni concesse da ciascun privilegio, vedere il riferimento Privilegi definiti di vSphere.
