Hello,
Is it possible to prevent deletion of vm if the vm has a specific tag on it?
We like to set a tag named "do_not_delete" on virtual machines which will not be possible to delete unless this tag has been removed.
Clemens.
Not if that user has delete permissions inside vCenter.
The VM is enrolled by a user with an ansible script. Another user from the same team and the same rights has accidentally deleted the VM. So this is what we to prevent if the VM is protected with a certain tag on it. I know it's a bit silly.
To protect a VM againstvaccidental deletes create it with eager zeroed thick vmdk and run
vmkfstools -p 0 name-flat.vmdk > flat-map.txt
after you created the VM. Store flat-map.txt in a safe location.
If necessary you can restore the VM with that txt-file after an accidental delete.
It may be an option to create/place such VMs in a dedicated Folder, and restrict Delete permissions for that folder.
André
the best way is to give the user permission level isolation, make a habit of using the read-only account for daily to daily monitoring activity and if in case any changes required a use admin account
that's how I recommended our all clients
Just to be clear, the answer to this question is no, there is no way to "protect a VM" from deletion much as you would do to an EC2 instance in AWS, correct?
This is as close to an answer to the original question. Is this possible , how does one restrict deletion of objects in a folder?