VIN guest operating system management: limited permissions for vCenter Server

vCenter Infrastructure Navigator (VIN) uses a single account to access VMs.
This account is set within vCenter Server’s Infrastructure Navigator screen.

I wanted to limit which datacenters inside vCenter Server VIN would be able to see, as well as the functions this account can perform.

Resolution:

Create a guest operating system management role within vCenter Server with minimal privileges for VIN:

  • Navigate to Administration
  • Select Roles
  • Click Add Role
  • Enable the following privileges with their checkboxes:
    • Virtual machine > Interaction > Guest operating system management by VIX API
    • Virtual machine > Interaction > Console interaction
  • Provide a role name
  • On the vCenter entity root level, click the Manage tab
  • Select Permissions and click Add
  • Select the user and assign the newly created limited VIN role.

This provides the privileges the selected user needs for the discovery process.

In my case, I also did not want this service account to view my vCloud Director datacenter, so I added the user to the datacenter permissions with the “No access” role.

From the inventory menu, select Infrastructure Navigator.
Select the Settings tab.
Here you can now set the new user account.
Make sure to enable access to VMs.
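
The role and permission steps above can also be scripted with VMware PowerCLI. This is an added example, not part of the original post; the server name, service account, role name and datacenter name are placeholders, and propagation from the root is assumed so that the role reaches the VMs.

```powershell
# Added example (not from the original post). Requires VMware PowerCLI.
# All parameter defaults are placeholders; replace them for your environment.
param(
    [string]$VCenter   = 'vcenter.example.local',   # placeholder vCenter Server
    [string]$Principal = 'EXAMPLE\svc-vin',         # placeholder VIN service account
    [string]$RoleName  = 'VIN-Discovery-Limited',   # placeholder role name
    [string]$HiddenDc  = 'vCloud-DC'                # placeholder datacenter to hide
)

$ErrorActionPreference = 'Stop'
Connect-VIServer -Server $VCenter | Out-Null

# Privilege IDs for the two checkboxes named in the post:
#   Virtual machine > Interaction > Guest operating system management by VIX API
#   Virtual machine > Interaction > Console interaction
$privIds = 'VirtualMachine.Interact.GuestControl',
           'VirtualMachine.Interact.ConsoleInteract'
$privs = Get-VIPrivilege -Id $privIds

# Create the role only if it does not exist yet.
$role = Get-VIRole -Name $RoleName -ErrorAction SilentlyContinue
if (-not $role) { $role = New-VIRole -Name $RoleName -Privilege $privs }

# Least-privilege check: vCenter adds System.* privileges to every role;
# anything else beyond the two requested IDs means the role has drifted.
$extra = $role.PrivilegeList |
    Where-Object { $_ -notin $privIds -and $_ -notlike 'System.*' }
if ($extra) { throw "Role '$RoleName' has unexpected privileges: $($extra -join ', ')" }

# Assign the role at the vCenter root folder (assumption: propagate to children).
$root = Get-Folder -NoRecursion
New-VIPermission -Entity $root -Principal $Principal -Role $role -Propagate:$true | Out-Null

# A permission set directly on a child object overrides the one inherited
# from the root, so "No access" here hides this datacenter from the account.
$dc = Get-Datacenter -Name $HiddenDc
New-VIPermission -Entity $dc -Principal $Principal `
    -Role (Get-VIRole -Name 'NoAccess') -Propagate:$true | Out-Null

# Review what the account ends up with.
Get-VIPermission -Principal $Principal | Select-Object Entity, Role, Propagate

Disconnect-VIServer -Server $VCenter -Confirm:$false
```

The final `Get-VIPermission` output should list exactly two entries for the account: the limited role on the root folder and `NoAccess` on the hidden datacenter.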
