Continuous Data Protection (CDP)

Below are vCenter Server granular permissions required for continuous data protection (CDP):

Privilege Level

Required Permissions

Datastore

Allocate space
Browse datastore
Configure datastore
Low-level file operations
Remove file

Datastore cluster

Configure a datastore cluster

Global

Diagnostics
Disable methods
Enable methods
Licenses
Log event
Manage custom attributes
Set custom attribute

Host

Configuration

Advanced settings
Maintenance
Query patch

Network

Assign network

Profile-driven storage (for VMware vSphere prior to 8.x)

Profile-driven storage update
Profile-driven storage view

VM storage policies (for VMware starting from 8.x)

Apply VM storage policies
Update VM storage policies
View VM storage policies

Resource

Assign virtual machine to resource pool

Sessions

privilege.StorageProfile.ViewPermissions.label

vApp

Add virtual machine
Assign resource pool
Unregister

Virtual Machine

Change Configuration

Acquire disk lease
Add existing disk
Add new disk
Advanced configuration
Change settings
Extend virtual disk
Remove disk
Toggle disk change tracking

Edit Inventory

Register
Remove

Guest operations

Guest operation modifications
Guest operation program execution
Guest operation queries

Interaction

Device connection
Guest operating system management by VIX API

Provisioning

Allow disk access
Allow read-only disk access
Allow virtual machine download

Snapshot Management

Create snapshot
Remove snapshot
Rename snapshot
Revert to snapshot

Page updated 12/19/2023

Page content applies to build 12.2.0.334