In vSphere, create a user role with privileges that are required for performing backup operations against for the management virtual machines in vSphere Data Protection in Region A. 

1

Log in to vCenter Server by using the vSphere Web Client.

a

Open a Web browser and go to https://mgmt01vc01.sfo01.rainpole.local/vsphere-client.

b

Log in using the following credentials.

Setting

Value

User name

administrator@vsphere.local

Password

vsphere_admin_password

2

On the Home page of the vSphere Web Client, select Roles under Administration.

3

Create a new role for managing backups.

a

On the Roles page, click the Create role action icon.

b

In the Create Role dialog box, configure the role using the following configuration settings, and click OK.

Setting

Value

Role name

vSphere Data Protection User

Privilege

Alarms.Create Alarm

Alarms.Modify Alarms

Datastore.Allocate space

Datastore.Browse datastore

Datastore.Configure datastore

Datastore.Low level file operations

Datastore.Move datastore

Datastore.Remove datastore

Datastore.Remove file

Datastore.Rename datastore

Extension.Register extension

Extension.Update extensions

Folder.Create folder

Global.Cancel task

Global.Disable methods

Global.Enable methods

Global.Licenses

Global.Log event

Global.Manage custom attributes

Global.Settings

Network.Assign network

Network.Configure

Resource.Assign virtual machine to resource pool

Session.Validate session

Tasks.Create task

Tasks.Update task

Virtual Machine.Configuration.Add existing disk

Virtual Machine.Configuration.Add new disk

Virtual Machine.Configuration.Add or remove device

Virtual Machine.Configuration.Advanced

Virtual Machine.Configuration.Change cpu count

Virtual Machine.Configuration.Change resource

Virtual Machine.Configuration.Disk change tracking

Virtual Machine.Configuration.Disk lease

Virtual Machine.Configuration.Extend virtual disk

Virtual Machine.Configuration.Host use device

Virtual Machine.Configuration.Memory

Virtual Machine.Configuration.Modify device setting

Virtual Machine.Configuration.Raw device

Virtual Machine.Configuration.Reload from path

Virtual Machine.Configuration.Remove disk

Virtual Machine.Configuration.Rename

Virtual Machine.Configuration.Reset guest information

Virtual Machine.Configuration.Set annotation

Virtual Machine.Configuration.Settings

Virtual Machine.Configuration.Swapfile placement

Virtual Machine.Configuration.Upgrade virtual machine compatibility

Virtual Machine.Guest Operations.Guest Operation Modifications

Virtual Machine.Guest Operations.Guest Operations Program execution

Virtual Machine.Guest Operations.Guest Operation Queries

Virtual Machine.Interaction.Console interaction

Virtual Machine.Interaction.Device connection

Virtual Machine.Interaction.Guest operating system management by VIX API

Virtual Machine.Interaction.Power off

Virtual Machine.Interaction.Power on

Virtual Machine.Interaction.Reset

Virtual Machine.Interaction.ViMware tools install

Virtual Machine.Inventory.Create new

Virtual Machine.Inventory.Register

Virtual Machine.Inventory.Remove

Virtual Machine.Inventory.Unregister

Virtual Machine.Provisioning.Allow disk access

Virtual Machine.Provisioning.Allow read-only disk access

Virtual Machine.Provisioning.Allow virtual machine download

Virtual Machine.Provisioning.Mark as template

Virtual Machine.Snapshot management.Create snapshot

Virtual Machine.Snapshot management.Remove snapshot

Virtual Machine.Snapshot management.Revert snapshot

vApp.Export

vApp.Import

vApp.vApp application configuration

This role inherits the System.Anonymous System.View, and System.Read permissions. 

4

The Management vCenter Server for Region A propagates the role to the other linked vCenter Server instances.