Solved: Re: vCenter Permissions

DeutschePass · ‎09-13-2023

Hello

I would like to create a kind of playground for multiple users using vCenter and ESXi.
Is it possible for a user to only see the virtual machines they have created?
So User1 creates x VMs and only sees these, as well as User2 etc.
The user should have full permission to create VMs and only see them.

DeutschePass · ‎09-13-2023

Well, i found a way

I created a folder "VM- and Templatefolder" and give Fullperms for User on the Folder - the User can create the VM in their folder and sees the own VMs...

Admin:

User:

View solution in original post

kastlr · ‎09-13-2023

Hi,

while this is possible it's not that easy to achieve, simply because it would require proper permissions at multiple locations.

I.e, to deploy a VM a User must have permission

to create, expand and delete data on a datastore
to attach and detach the NICs to or from a portgroup
depending on how your environment is organized proper permissions on
- Clusters or Hosts
- DvS/standard vSwitches and their portgroups
- Folders and/or Resource Groups
What if Users asked for Backups

You should check the following article for more information.

vSphere Permissions and User Management Tasks

Hope this helps a bit.
Greetings from Germany. (CEST)

DeutschePass · ‎09-13-2023

Hi!

Thanks for your reply @kastlr .

Everything works - Only User1 see's Network "User1" (etc.)and the perms. on the Datastore etc. - that works like expected.

But: When i create a VM with UserX, the VM will be created but it is not Visible for UserX - only when UserX has Administrator permissions but then UserX see all VMs - which User X shouldnt.

Why vCenter dont add automatically permissions for UserX on the VM which UserX is creating?

DeutschePass · ‎09-13-2023

Well, i found a way

I created a folder "VM- and Templatefolder" and give Fullperms for User on the Folder - the User can create the VM in their folder and sees the own VMs...

Admin:

User:

All

vCenter Permissions