VMware Cloud Community
MeImNot76
Enthusiast
Enthusiast
‎05-04-2018 07:49 AM

Granular permissions for vSphere Adapter user account

Hello,

I need vROPS to monitor an environment hosting customer VMs where only the infrastructure objects and some infrastructure VMs should be monitored i.e. I need all the VMs in Resource Groups 1 and 2 monitored but all the VMs in all the other Resource Groups should not be monitored, I also need monitoring of everything else i.e. hosts, storage etc.

This environment is getting bigger all the time (new hosts/storage/customer RGs added frequently) so any ideas how can I achieve the granularity I need without the need to go and add permissions whenever a new item is added to vCenter?

Thank you!

0 Kudos
2 Replies
MichaelRyom
Hot Shot
Hot Shot
‎05-07-2018 05:09 AM

thats the way to do it - but maybe you could deny access instead of allowing ?

Blogging at https://MichaelRyom.dk
0 Kudos
MeImNot76
Enthusiast
Enthusiast
‎05-12-2018 12:00 AM

I actually opened an SR with VMware and we concluded that using permissions to control this would be a management nightmare in a large dynamic infrastructure (I would need to add permissions for each new host, datastore etc).

So, I'm still stuck here and would like to ask if anyone was able to monitor/collect data on an entire virtual infrastructure (hosts, storage, networking etc.) and only a subset of infrastructure VMs without in a dynamic way.

Thank you

0 Kudos