When configuring a service account role in vCenter for use in Aria Suite Lifecycle, there are necessary permissions that must be set. What’s not accounted for in the official documentation will be notated here as well.
The official documentation is referenced here:
https://techdocs.broadcom.com/us/en/vmware-cis/aria/aria-suite-lifecycle/8-18/vmware-aria-suite-lifecycle-installation-upgrade-and-management-8-18/configuring-vmware-aria-suite-lifecycle/add-and-manage-data-center-associations/assign-a-user-role-in-a-vcenter.html
Role Name: VMware Aria Suite Lifecycle
Privilege:
Datastore
You can select All privileges.
Host.Local
- Operations- Add Host to vCenter
- Operations – Create Virtual Machine
- Operations – Delete Virtual Machine
- Operations – Reconfigure Virtual Machine
- Inventory – Modify – Cluster
Network
- Assign Network
Resource
- Assign vApp to Resource Pool
- Assign Virtual Machine to Resource Pool
vApp
You can select All privileges.
Virtual Machines
You can select All privileges.
Content Library
You can select All privileges.
Storage Views (for Operations for Networks Deployment and Update)
- View
VM storage policies (for Operations for Networks Deployment and Update)
- View VM storage policies
Regarding the VMware Aria Suite Operations for Networks permissions, there is a Known Issue listed in the Aria Suite LCM Release Notes that dictates the provided permissions to the role.
- VMware Aria Operations for Networks installation fails
VMware Aria Operations for Networks installation fails during the “DeployOvf” task when being deployed on vCenter Server 8.0 U2.vCenter Server would display an error stating “A general system error occurred: PBM error occurred during PreCreateCheckCallback: Invalid state”Workaround: Map the privilege “Storage Views –> View” and “VM storage policies” –> “View VM storage policies” to the service account.
References
https://knowledge.broadcom.com/external/article/378747/lcmvsphereconfig1000016-aria-operations.html
Leave a Reply