3 Replies Latest reply on Oct 7, 2016 11:28 AM by CoalFireJMac

    vCenter Permissions to Individual VMs

    stin Lurker

      Thanks in advance for any assistance!

       

      I'm trying to delegate permissions to a single VM to allow an application administrator vCenter and VM access.  When I set the user up as a Virtual Machine Administrator to the VM only, the user cannot see the VM in the VIC client (they cannot see the cluster or resource pool the VM is a member of either).  The only way I can get this to work is to give them read permissions to the container above the VM, in this case a resource pool.  Obviously they only have read access to all the other VMs in that resource pool but I would prefer if they could only see the VM they have permissions to.  Am I missing something or is this not possible?

       

      I've never assign permissions the granular before and I guess I just assumed, based on my research, vCenter used an access base enumeration algorithm but my assumption is probably wrong (they usually are).

       

      Thanks!