What permissions are needed for an ONTAP tools custom vcenter role?
Applies to
- ONTAP Tools 9.12+(OTV)
- VMware vSphere 8.0.1
Answer
When OTV is installed, new privileges and roles are added to vCenter, alternatively you can configure custom roles and only add the OTV permissions/privileges that you need.
The following are the permissions that come with the OTV appliance for the VSC administrator,Provision and Read-only roles.(Please note these permissions may change with later versions of OTV and vcenter, They can also be viewed by clicking a VSC role then privileges under Access Control/Roles. )
Example:
VSC administrator
- dvPort grou
- Modify
- Distributed switch
- ModifyPort configuration operation
- Port setting operation
- Datastore
- Allocate space
- Browse datastore
- Low level file operations
- Move datastore
- Remove datastore
- Remove file
- Rename datastore
- Update virtual machine files
- Extension
- Register extension
- Update extension
- Global
- Cancel task
- Diagnostics
- Licenses
- Log event
- Manage custom attributes
- Set custom attribute
- Settings
- Host
- CIM
- CIM interaction
- Configuration
- Advanced settings
- Change settings
- Query patch
- Security profile and firewall
- Storage partition configuration
- System resources
- Local operations
- Create virtual machine
- Delete virtual machine
- Reconfigure virtual machine
- CIM
- Network
- Assign network
- Resource
- Apply recommendation
- Assign virtual machine to resource pool
- Migrate powered off virtual machine
- Migrate powered on virtual machine
- Query vMotion
- Sessions
- Validate session
- Datastore cluster
- Configure a datastore cluster
- VM storage policies
- Update VM storage policies
- View VM storage policies
- Storage views
- Configure service
- View
- Tasks
- Create task
- Update task
- Virtual machine
- Change Configuration
- Add existing disk
- Add new disk
- Add or remove device
- Advanced configuration
- Change CPU count
- Change Memory
- Change Settings
- Change Swapfile placement
- Change resource
- Configure Host USB device
- Configure Raw device
- Extend virtual disk
- Modify device settings
- Reload from path
- Remove disk
- Set annotation
- Toggle disk change tracking
- Upgrade virtual machine compatibility
- Edit Inventory
- Create from existing
- Create new
- Move
- Register
- Remove
- Unregister
- Guest operations
- Guest operation modifications
- Guest operation program execution
- Guest operation queries
- Interaction
- Answer question
- Configure CD media
- Configure floppy media
- Connect devices
- Power off
- Power on
- Provisioning
- Allow disk access
- Allow read-only disk access
- Allow virtual machine download
- Clone template
- Clone virtual machine
- Create template from virtual machine
- Customize guest
- Deploy template
- Read customization specifications
- Snapshot management
- Create snapshot
- Remove snapshot
- Revert to snapshot
- Change Configuration
- NetApp ONTAP tools for VMware vSphere
- View
- privilege.nvpfVSC.Kamino.Datastore.com.netapp.nvpf.label
- Manage datastores
- Provision
- privilege.nvpfVSC.MnHC.Configure.com.netapp.nvpf.label
- Add, Modify, and Skip storage systems
- Remove storage systems
- privilege.nvpfVSC.MnHC.Manage.com.netapp.nvpf.label
- Apply recommended settings
- Deploy VAAI for NFS Plug-in
- privilege.nvpfVSC.VASAGroup.com.netapp.nvpf.label
- Management
- View
VSC Provision
- Datastore
- Allocate space
- Browse datastore
- Low level file operations
- Move datastore
- Remove file
- Rename datastore
- Global
- Cancel task
- Diagnostics
- Licenses
- Log event
- Set custom attribute
- Settings
- Host
- Configuration
- Advanced settings
- Security profile and firewall
- Storage partition configuration
- Sessions
- Validate session
- Datastore cluster
- Configure a datastore cluster
- VM storage policies
- Update VM storage policies
- View VM storage policies
- Storage views
- Configure service
- View
- Tasks
- Create task
- Update task
- Virtual machine
- Edit Inventory
- Remove
- Unregister
- Interaction
- Power off
- Provisioning
- Allow disk access
- Allow read-only disk access
- Customize guest
- Read customization specifications
- Edit Inventory
- NetApp ONTAP tools for VMware vSphere
- View
- privilege.nvpfVSC.Kamino.Datastore.com.netapp.nvpf.label
- Manage datastores
- Provision
- privilege.nvpfVSC.VASAGroup.com.netapp.nvpf.label
- View
VSC Read-only
- Datastore
- Update virtual machine files
- Global
- Diagnostics
- Host
- CIM
- CIM interaction
- CIM
- Sessions
- Validate session
- Tasks
- Create Task
- Update Task
- Virtual Machine
- Guest operations
- Guest operation queries
- Guest operations
- NetApp ONTAP tools for VMware vSphere
- View
- privilege.nvpfVSC.VASAGroup.com.netapp.nvpf.label
- View
Additional Information
additionalInformation_text