we have ESXi we need to take backup for VMs using 3rd party tool such as Veeam or veritas but they need user account with full privileges to do this backup, how i can give him this permission and in same time protect my VM from misuse by them in case such as how i make sure they will not misuse that user to remove VM/Disk of any VM
yes, I will give them root privileges, but how I can guarantee they will not misuse this account like remove or delete VM.
The only option for a least privilege approach is by using vCenter otherwise it is root privileges on standalone ESXi and then you will have to monitor logs.
The permissions are granted to the application only, i.e. not to Veeam (the company) itself.
Taking into account that Veeam has been on the market for many years, and will for sure not lose its reputation, I wouldn't be concerned too much.
No matter which backup application you use, all of them require elevated permission to backup and restore VMs.
André