Zerto Virtual Replication Permissions in vCenter Server
VMware roles and permissions are the core of VMware infrastructure security. Permissions are a combination of a user/group and a security role that is applied to some level of the VMware Infrastructure. Zerto Virtual Replication supplies a number of default privileges that enable a VMware administrator to perform specific actions.
You can define additional roles and assign these roles the privileges they need. All privileges are implemented at the root level, and thus apply to every object in the vCenter Server. The following privileges are required by Zerto Virtual Replication:
Live Failover / Move – Enables performing a failover or move.
Manage cloud connector – Enables installing and uninstalling Zerto Cloud Connectors. For details, refer to Zerto Cloud Manager Administration Guide.
Manage Sites – Enables editing the site configuration, including site details, pairing and unpairing sites, updating the license and editing advanced site settings.
Manage VPG – Enables creating, editing, and deleting a VPG and adding checkpoints to a VPG.
Manage VRA – Enables installing and uninstalling VRAs.
Test Failover – Enables performing a test failover.
Viewer – For internal use only.
These privileges are assigned as to the Administrator role when Zerto Virtual Replication is installed.
Note: When upgrading vCenter Server be sure that the user entity that Zerto Virtual Replication is using is preserved in the user/permissions hierarchy.