Configure Permission in vCenter for vRealize Operations Manager using PowerCLI

With the Credential Less Service Discovery feature in vRelize Operations Manager 8.5 you need to set some more permissions for the Service Account. Here is how I did it in PowerCLI


$PrincipalName = "DOMAIN\vROPSUser"
$vSphereRoleName = "vRealizeOperationsManager"

$Permissions = @("System.Anonymous","System.Read","System.View","VirtualMachine.Namespace.Management","VirtualMachine.Namespace.ModifyContent","VirtualMachine.Namespace.Query","VirtualMachine.Namespace.ReadContent")

$viRole = New-VIRole -name $vSphereRoleName -Privilege (Get-VIPrivilege -id $Permissions)
New-VIPermission -Role $viRole -Principal $PrincipalName -Propagate $true -Entity (get-folder -norecursion)

Just thinking of generating a library for different Products and their needed permissions, sadly this does not come with vCenter.

Leave a Reply