Cumulative Permissions

This section lists cumulative vCenter permissions required for Veeam Backup & Replication operations.

 

Note

The permissions to create and edit tag categories can only be granted at the root level.

 

Privilege Level

Cumulative Permissions

Cryptographic operations1

Add disk
Direct Access
Encrypt
Encrypt new
Migrate

dvPort Group

Create
Delete
Modify

Datastore

Allocate space
Browse datastore
Configure datastore
Low-level file operations
Remove file

Datastore cluster

Configure a datastore cluster

Extension

Register extension
Unregister extension

Folder

Create folder
Delete folder

Global

Diagnostics2
Disable methods
Enable methods
Licenses
Log event
Manage custom attributes
Set custom attribute
Settings

Host

Configuration

Advanced settings
Maintenance
Network configuration
Query patch
Storage partition configuration

Network

Assign network
Configure

Profile-driven storage (for VMware vSphere prior to 8.x)

Profile-driven storage update
Profile-driven storage view

VM storage policies (for VMware starting from 8.x)

Apply VM storage policies
Update VM storage policies
View VM storage policies

Resource

Assign virtual machine to resource pool
Create resource pool
Migrate powered off virtual machine
Migrate powered on virtual machine
Remove resource pool

Virtual Machine

Change Configuration

Acquire disk lease
Add existing disk
Add new disk
Add or remove device
Advanced configuration
Change settings
Change resource
Configure RAW device3
Extend virtual disk
Modify device settings
Remove disk
Rename
Set annotation
Toggle disk change tracking

Edit Inventory

Create
Move
Register
Remove
Unregister

Guest operations

Guest operation modifications
Guest operation program execution
Guest operation queries

Interaction

Configure CD media
Configure floppy media
Console interaction
Connect devices
Guest operating system management by VIX API
Power Off
Power On
Suspend

Provisioning

Allow disk access
Allow read-only disk access
Allow virtual machine download
Allow virtual machine files upload
Mark as template4
Mark as virtual machine4

Snapshot Management

Create snapshot
Remove snapshot
Rename snapshot
Revert to snapshot

vSphere Tagging

Assign or Unassign vSphere Tag
Assign or Unassign vSphere Tag on Object

1 required if encryption policies are used
2 required if continuous data protection is configured
3 required if machines have Virtual Compatibility RDM disks and Virtual appliance mode is used for a backup proxy
4 required for template restore

Page updated 12/11/2024

Page content applies to build 12.3.0.310