BanierGarcia
Contributor
Contributor

How to protect VMs from accidentally delete???

Jump to solution

Hi guys!

- There are any option to protect VMs from accidentally deleted in vSpehre 4.0???

- There are any command like vmfs-undelete used in ESX 3.5 but in vSphere 4.0??

Thanks a lot for your help.

0 Kudos
1 Solution

Accepted Solutions
NuggetGTR
VMware Employee
VMware Employee

I would use the permissions to stop that, For eg have the normal admins and in the role have delete virtual machine unchecked and then have an enterprise admin role for yourself will all permissions.

using roles and assigning them to AD groups is great, We currently just restricted permissions so that admins can only do what they need to do like expand add disks, add memory, stop, start, vmotion etc) then the virtual team have full permissions. That way you had people not really knowing what they were doing not able to cause too much damage. it has stopped allot of work for myself due to random deletetions, cluster changes data store issues etc.

________________________________________ Blog: http://virtualiseme.net.au VCDX #201 Author of Mastering vRealize Operations Manager

View solution in original post

4 Replies
NuggetGTR
VMware Employee
VMware Employee

I would use the permissions to stop that, For eg have the normal admins and in the role have delete virtual machine unchecked and then have an enterprise admin role for yourself will all permissions.

using roles and assigning them to AD groups is great, We currently just restricted permissions so that admins can only do what they need to do like expand add disks, add memory, stop, start, vmotion etc) then the virtual team have full permissions. That way you had people not really knowing what they were doing not able to cause too much damage. it has stopped allot of work for myself due to random deletetions, cluster changes data store issues etc.

________________________________________ Blog: http://virtualiseme.net.au VCDX #201 Author of Mastering vRealize Operations Manager
Texiwill
Leadership
Leadership

Hello,

Moved to teh Security Forum, the Communities Help forum is for help on the communities/forums not general VMware Help.

If you accidently delete from disk the wrong VM there is no undelete functionality. However, if you just remove from vCenter you may be able to find it again.

As the previous poster stated there is are roles and permissions to help.


Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009, 2010

Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'[/url]

Also available 'VMWare ESX Server in the Enterprise'[/url]

Blogging: The Virtualization Practice[/url]|Blue Gears[/url]|TechTarget[/url]|Network World[/url]

Podcast: Virtualization Security Round Table Podcast[/url]|Twitter: Texiwll[/url]

--
Edward L. Haletky
vExpert XIV: 2009-2022,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
FinneusR
Contributor
Contributor

Did not answer original question.

 

How to protect VMs from  deletion?

Much like AWS  does  🙂

0 Kudos
LeNNyfromNL
Enthusiast
Enthusiast

Hi,

The most likely workaround would to create rights bundle and a custom role for that. That way you could remove the "Delete vApp" right from the bundle so create, view and modify are still possible.

Thats not the wayt AWS does it with their termination protection, but maybe work for you.

 


Daniël Zuthof
Twitter: @DanielZuthof
https://blog.zuthof.nl
Don't forget to mark as solved if your questions are answered.
0 Kudos