VMware Source Environments

Describes the format used to store credentials for VMware source environments.

Required vSphere Privileges for Discovery

Discovery: Create a user with a read-only role. For information on how to create a user, see vCenter Server System Roles in VMware documentation.

Required vSphere Privileges for Replication

For replicating assets, create a vCenter server custom role, such as Oracle Cloud Migrations. For information on how to create a custom role, see Create a vCenter Server Custom Role in VMware documentation.

The privileges that you must define for the role that you create are as follows:
  1. Global: For the global category, select the following privileges:
    • Disable methods
    • Enable methods
    • Licenses
  2. Virtual machine: For the virtual machine category, select the following privileges:
    • Change configuration: Acquire disk lease
    • Provisioning: Allow read-only disk access
    • Provisioning: Allow virtual machine download
    • Snapshot management: Create snapshot
    • Snapshot management: Remove snapshot

You can create a role by cloning an existing role. For example, you can clone the VMware consolidated backup user (sample role), add required global privileges, and then save the role as a new role for replication.

VMware Credentials Format

The following format is used to store credentials used for VMware source environments.
{"username":"<USER@DOMAIN>","password":"<PASSWORD>"}

VMware Credentials Usage

For VMware source environments, the remote agent appliance resource types are granted access to the secrets storing vSphere credentials for both discovery and replication tasks. Access to credentials is validated using IAM policies at the begining of each discovery or replication operation. See VMware Service Policies for more information.