Joern_Ravnsbaek
Contributor
Contributor

vCenter custom roles needed to create a vm, convert to template and deploy from Content Library

I'm trying to create a new role (AD-ROLE) for the admin team that could do the following:

  • upload ISO to Content Libarary
  • create a new virtual machine and connect an ISO from Content Library
  • convert virtual machine to template on Content Library
  • deploy a new vm using the template on Content Library
  • be able to view Content Library to see available OVF/OVA and templates

I created a group (AD-Group) and added to Global Permissions with the AD-ROLE and propagated to children.

The current (AD-ROLE) privileges has been configured, but when I deploy from template and try to select the compute resource it get this error:
You do not have permission to create a virtual machine from a library template in the selected resource. Select another location.

What is the missing privilege to be able to select the compute resource ?

Content Library

  • Add library item
  • Chek in a template
  • Check out a template
  • Create a subscription for a published library
  • Delete library item
  • Download files
  • Evict library item
  • Probe subscription information
  • Publish a library item to its subscribers
  • Publish a library ito its subscribers
  • Read storage
  • Sync library item
  • Update files
  • Update library
  • Update library item
  • Update local library
  • View configuration settings

Datastore

  • Allocate space
  • Browse datastore
  • Low level file operation

Network

  • Assign network

Virtual machine

  • Change Configuration
    • Add existing disk
    • Add new disk
    • Add or remove device
    • Change CPU count
    • Chamge Memory
  • Edit Inventory
    • Create from existing
    • Create new
  • Interaction
    • Answer question
    • Backup operation on virtual machine
    • Configure CD media
    • Configure floppy media
    • Connect devices
    • Console interaction
    • Create screenshot
    • Defragment all disks
    • Drag and drop
    • Guest operation system management by VIX API
    • Inject USB HID scan codes
    • Install VMware Tools
    • Pause or Unpause
    • Perform wipe or shrink operations
    • Power off
    • Power on
    • Reset
    • Suspend
    • privilege.VirtualMachine.Interact.SuspendToMemory.label
  • Provisioning
    • Clone template
    • Clone virtual machine
    • Create template from virtual machine
    • Customize guest
    • Deploy template
    • Mark as template
    • Mark as virtual machine

 

0 Kudos
0 Replies