Continuous Data Protection (CDP)

Below are vCenter Server granular permissions required for continuous data protection (CDP):

Privilege Level

Required Permissions

Datastore

Allocate space
Browse datastore
Configure datastore
Low-level file operations
Remove file

Global

Disable methods
Enable methods
Licenses
Log event
Manage custom attributes
Set custom attribute

Host

Configuration

Advanced settings
Maintenance
Query patch

Network

Assign network

Resource

Assign virtual machine to resource pool

Datastore cluster

Configure a datastore cluster

Profile-driven storage

Profile-driven storage update
Profile-driven storage view

vApp

Add virtual machine
Assign resource pool
Unregister

Virtual Machine

Change Configuration

Acquire disk lease
Add existing disk
Add new disk
Advanced configuration
Change settings
Extend virtual disk
Remove disk
Toggle disk change tracking

Edit Inventory

Register
Remove

Guest operations

Guest operation modifications
Guest operation program execution
Guest operation queries

Interaction

Connect devices
Guest operating system management by VIX API

Provisioning

Allow disk access
Allow read-only disk access
Allow virtual machine download

Snapshot Management

Create snapshot
Remove snapshot
Rename snapshot
Revert to snapshot