VMware Cloud on AWS limited rights explained

VMware Cloud on AWS is a managed service: support, patching and maintenance of the infrastructure are the responsibility of VMware. That requires a separation of access control, so that a customer does not accidentally cause a support alert or, worse, bring down the entire cluster. There are some limitations, but none of them prevent customers from doing all the tasks needed to run their workloads on this service. In this post I will illustrate some of the limited rights that are set up for the vCenter that is used to manage your vSphere SDDC in VMware Cloud on AWS. This will hopefully help you navigate the environment when you are writing scripts, deploying automation tools or just creating new VMs from the vCenter Client. This is not a comprehensive list of limited rights; it is meant to show what may prevent a VM from being deployed.

All VMs and new folders must be created in the Workloads folder

All VMs and new resource pools must be created in the Compute-ResourcePool

All new VMs, folders or additional VMDK drives must be created under WorkloadDatastore

The logical network for new VMs is under Management Networks

Note: The API sees this as Management Networks/set-cgw-network-1
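The placement rules above, written as a pre-flight check that a deployment script could run before it calls vCenter. This is an added example, not code from the original post; the spec layout, the function names and the sample specs are assumptions, and it assumes subfolders and child pools below the named roots are acceptable.

```python
# Added example: pre-flight check of a VM spec against the placement rules
# listed in the post. The spec layout and all function names are assumptions.

# key -> (permitted root from the post, minimum depth below it, maximum depth)
RULES = {
    "folder":        ("Workloads", 0, None),             # the folder or any subfolder
    "resource_pool": ("Compute-ResourcePool", 0, None),  # the pool or any child pool
    "datastore":     ("WorkloadDatastore", 0, 0),        # exactly this datastore
    "network":       ("Management Networks", 1, None),   # a network below the group
}


def _segments(path):
    """Split an inventory path into names; None if it is not a usable string."""
    if not isinstance(path, str):
        return None
    parts = [p.strip() for p in path.strip("/").split("/")]
    return parts if all(parts) else None


def _fits(path, root, min_depth, max_depth):
    segs = _segments(path)
    if segs is None or segs[0] != root:  # whole-name match: "Workloads-old" fails
        return False
    depth = len(segs) - 1
    return depth >= min_depth and (max_depth is None or depth <= max_depth)


def check_placement(spec):
    """Return a list of violations; an empty list means the spec fits the rules."""
    problems = []
    for key, (root, lo, hi) in RULES.items():
        if not _fits(spec.get(key), root, lo, hi):
            problems.append(f"{key}: {spec.get(key)!r} is not under {root!r}")
    # Additional VMDKs carry their own datastore and need the same check.
    for i, ds in enumerate(spec.get("extra_disks", [])):
        if not _fits(ds, "WorkloadDatastore", 0, 0):
            problems.append(f"extra_disks[{i}]: {ds!r} is not 'WorkloadDatastore'")
    return problems


# Constructed sample specs (not taken from a real SDDC).
GOOD = {"folder": "Workloads/app1", "resource_pool": "Compute-ResourcePool",
        "datastore": "WorkloadDatastore", "extra_disks": ["WorkloadDatastore"],
        "network": "Management Networks/set-cgw-network-1"}
BAD = {"folder": "Workloads-old/app1", "resource_pool": "Other-ResourcePool",
       "datastore": "OtherDatastore", "extra_disks": ["OtherDatastore"],
       "network": "Management Networks"}
```

Running `check_placement` on a spec before submitting it turns a permission failure at deploy time into a readable list of which placement field is wrong.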

Anything I am missing or you want added, let me know in the comments section.
Remember sharing is caring!
