Minimum Required vCenter User Account Permissions for Avamar User

Below are the minimum required vCenter User Account Permissions for an Avamar account in order to setup image level backups. EMC recommends as a best practice to setup a separate account for Avamar to use during the image-level backups. This is to assist with troubleshooting any problems with backups and to also help maintain a secure vCenter environment. In high-security environments, you can restrict the vCenter user account permissions required to configure and administer the Avamar VMware image backup and restore feature to all of the following:




Datastore >

• Allocate Space

• Browse datastore

• Low level file operations

• Move datastore

• Remove datastore

• Remove file

• Rename datastore

Folder >

• Create Folder

Global >

• Cancel task

• Log event

• Settings

Network >

• Assign network

• Configure

Resource >

• Assign virtual machine to resource pool

Sessions >

• Validate session

Tasks >

• Create task

• Update task

Virtual machine > Configuration >

• Add existing disk

• Add new disk

• Add or Remove device

• Advanced

• Change CPU count

• Change Resource

• Disk change Tracking

• Disk Lease

• Host USB device

• Memory

• Modify device setting

• Raw device

• Reload from path

• Remove disk

• Rename

• Reset guest information

• Settings

• Swapfile placement

• Upgrade virtual hardware

• Extend Virtual disk

Virtual machine > Interaction >

• Power Off

• Power On

• Reset

Virtual machine > Inventory >

• Create new

• Register

• Remove

• Unregister

Virtual machine > Provisioning >

• Allow read-only disk access

• Allow virtual machine download

• Mark as Template

Virtual machine > State

• Create snapshot

• Remove Snapshot

• Revert to snapshot


Leave a Reply