Hello Everybody,
I have some trouble with the creation of vms from a template via terraform.
We have created a customer specific role:
Direct Access
Migrate
Allocate space
Browse datastore
Configure datastore
Low level file operations
Remove file
Update virtual machine files
Update virtual machine metadata
Create folder
Delete folder
Move folder
Rename folder
Set custom attribute
Configuration
System Management
Local operations
Create virtual machine
Delete virtual machine
Reconfigure virtual machine
Assign network
Configure
Move network
Remove
View
Apply recommendation
Assign vApp to resource pool
Assign virtual machine to resource pool
Migrate powered off virtual machine
Migrate powered on virtual machine
Modify resource pool
Move resource pool
Query vMotion
Profile-driven storage update
Profile-driven storage view
View
Clone
Create
Export
Import
Power on
View OVF environment
We have bin these role to an AD Group on the vCenter itself with "propagte to children"
Therefor the Group has the right on the template, source and destination datastore and hosts, but we always get the error:
" Permission to perform this operation was denied. NoPermission.message.format"
Anyboday an idea, which privilige is missing.
Tahnks & Best Regards
Torsten
Hello Torsten, hope all is well.
According to this document your permissions are correct
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-4D0F8E63-2961-4B7...
You mentioned that the role has the right permissions on the Hosts, source and destination datastores and the templates.
If you log in to vCenter using that user? can you check VM folders and resource pools?
If you try to create a VM manually is it working?