JonRoderick
Hot Shot
Hot Shot

Why can't I create a VM when correct permissions are assigned at Cluster level rather than 'Hosts & Clusters' level??

When I assign the required VM-creation permissions to a group and set that at the top 'Hosts & Clusters' level, I can create VMs anywhere within the VC heirarchy.

However, when I set the exact same permissions to a different group of users but at the individual Cluster level, I'm unable to create VMs because I don't have rights to see the datastores (even though one of the permissions I set is to be able to browse the datastore).

I'm confused - is the top level permission granting extra rights that the cluster-level permission doesn't?

Thanks

0 Kudos
1 Reply
JonRoderick
Hot Shot
Hot Shot

Ok, think I can answer my own question.

It looks as though applying permissions at the 'Hosts & Clusters' level assumes 'read-only' rights on the entire infrastructure.

This is what I was lacking when I applied the same permissions to the lower Cluster level.

Oh well, at least I know.

Jon

0 Kudos