VMware privileges required for VMware monitoring using Site24x7

VMware privileges required for VMware monitoring using Site24x7

To monitor different VMware resources using Site24x7, you must have a few privileges enabled. For users with an Administrator role, all privileges will be available. If you have a Read Only role, you'll need additional privileges to perform certain operations. The following table lists the privileges required to monitor different VMware resources.

VMware resources
Privilege
Reason
vCenter
No additional privileges are required

ESX/ESXi host
No additional privileges are required

Virtual machine (VM)
Interact.PowerOff, Interact.PowerOn, and Interact.Reset for the connected ESX/ESXi host
To stop, start, and reset VMs for the Site24x7 console
Datastore
Browse and Config for all connected ESX/ESXi hosts
To perform basic monitoring
Resource pool
No additional privileges are required

All types
System.ReadSystem.View, and System.Anonymous
Default privileges for Read Only role.

Enabling privileges
Follow the steps below and enable the required privileges:
  1. Log in to your vSphere client.
  2. Check if you've created either of the two required roles. If not, create one by navigating to Host in the left tab, then right-click and select Permissions.
  3. Under Manage permissions, select the desired User from the list of users displayed, and click Assign role.  
  4. In Set permissions under Root, click Datastore, and check the boxes next to Browse and Config for datastores.

  5. For virtual machines, click VirtualMachine and then click Interact. Now, check the boxes next to PowerOff, PowerOn, and Reset.

  6. Finally, click Assign role.
Creating custom roles
  1. You can also create custom roles and assign the required privileges.
  2. From the left tab of your vSphere client, click Manage.
  3. In the Roles tab that opens, click Add role.
  4. In the Add role window, under Root, assign permissions for datastores and virtual machines by following the above steps 4 and 5 (under Enabling privileges).
  5. Click System. Check the boxes for Anonymous, Read, and View under System.
  6. Click Add.