Permissions privileges control the assigning of roles and permissions.

The table describes permissions required for assigning roles and permissions.

Permissions Privileges

Privilege Name



Pair with Object

Effective on Object

Permissions.Modify permission

Define one or more permission rules on an entity, or updates rules if already present for the given user or group on the entity.

To have permission to perform this operation, you must have this privilege assigned to both the object and its parent object.

User interface element – Permissions tab context menu, Inventory > Permissions menu

HC and VC

All inventory objects

Any object plus parent object

Permissions.Modify role

Update a role's name and its privileges.

User interface element – Roles tab context menu, toolbar button, File menu

HC and VC

Root vCenter Server

Any object

Permissions.Reassign role permissions

Reassign all permissions of a role to another role.

User interface element – Delete Role dialog box, Reassign affected users radio button and associated menu

HC and VC

Root vCenter Server

Any object