VMware Cloud Community
chrischrischris
Enthusiast
Enthusiast
‎02-18-2021 04:54 PM
Jump to solution

Trying to determine least privileges for uploading OVFs

Hi all,

I'm trying to determine least privileges for uploading OVFs so I can create a role for several users who need to be able to upload OVF to a vCenter to use with vRA.

Should I just create a role and then delete privileges one at time, and check if I still upload the OVF?

I can't think of a better way to determine least privileges.

What do you all think?

 

Thanks!

-Chris

0 Kudos
1 Solution

Accepted Solutions
LucD
Leadership
Leadership
‎02-18-2021 10:18 PM
Jump to solution

You can use the API Reference to determine a set of privileges to start with.

For example, the ImportVApp method requires VApp.Import.
But you will definitely need other privileges, like for creating a VApp, using a Datastore ....
Unfortunately, afaik, there isn't a document that provides exact lists of privileges for each type of interaction with vSphere.
In the end, it is a trial-and-error process I'm afraid.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

View solution in original post

0 Kudos
2 Replies
LucD
Leadership
Leadership
‎02-18-2021 10:18 PM
Jump to solution

You can use the API Reference to determine a set of privileges to start with.

For example, the ImportVApp method requires VApp.Import.
But you will definitely need other privileges, like for creating a VApp, using a Datastore ....
Unfortunately, afaik, there isn't a document that provides exact lists of privileges for each type of interaction with vSphere.
In the end, it is a trial-and-error process I'm afraid.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
chrischrischris
Enthusiast
Enthusiast
‎02-19-2021 01:24 PM
Jump to solution

Thanks Luc!

You are awesome!!

0 Kudos