VMware Cloud on AWS is a managed service. Support, patching and maintenance of the infrastructure is the responsibility of VMware. With that said there needs to be a separation of access control so a customer does not accidentally cause a support alert or worse, bring down the entire cluster. While there are some limitations, none of which prevent customers from doing all the tasks to run their workloads on this service. In this post I will illustrate some of the limited rights that are setup for the vCenter that is used to manage your vSphere SDDC in VMware Cloud on AWS. This will hopefully help you navigate around the environment when you are writing scripts, deploying automation tools or just creating new VM’s from the vCenter Client. This is not the comprehensive list of limited right, this is more to show what may prevent a VM from being deployed.