Installation guide
n
“Update Datastore Permissions,” on page 63
n
“Update Network Permissions,” on page 64
Datastore Privileges
In VMware vSphere 4.0, datastores have their own set of access control privileges. As a result, you might need
to reconfigure your permissions to grant the new datastore privileges. This is required if you have
nonpropagating Read-only permission set on the datacenter for users.
Table 9-2 lists the default datastore privileges that, when selected for a role, can be paired with a user and
assigned to a datastore.
Table 9-2. Datastore Privileges
Privilege Name Actions Granted to Users Affects
Pair with
Object
Effective on
Object
Allocate Space Allocate space on a datastore for a virtual
machine, snapshot, or clone.
hosts, vCenter
Servers
datastores datastores,
virtual disks
Browse Datastore Browse files on a datastore, including CD-
ROM or Floppy media and serial or parallel
port files. In addition, the browse datastore
privilege allows users to add existing disks
to a datastore.
hosts, vCenter
Servers
datastores datastores,
datastore folders,
hosts, virtual
machines
Delete Datastore Remove a datastore. hosts, vCenter
Servers
datastores datastores,
datastore folders
Delete Datastore
File
Delete a file in the datastore. hosts, vCenter
Servers
datastores datastores
File Management Carry out file operations in the datastore
browser.
hosts, vCenter
Servers
datastores datastores
Move Datastore Move a datastore between folders in the
inventory.
NOTE Privileges are required on both the
source and destination objects.
vCenter Servers datastore,
source and
destination
object
datastores,
datastore folders
Rename Datastore Rename a datastore. hosts, vCenter
Servers
datastores datastores
Network Privileges
In VMware vSphere 4.0, networks have their own set of access control privileges. As a result, you might need
to reconfigure your permissions to grant the new network privileges. This is required if you have
nonpropagating Read-only permission set on the datacenter.
Table 9-3 lists the default network privileges that, when selected for a role, can be paired with a user and
assigned to a network.
Table 9-3. Network Privileges
Privilege Name Actions Granted to Users Affects
Pair with
Object
Effective on
Object
Assign Network Assign a network to a virtual
machine.
VCenter Servers virtual
machine
network, virtual
machine
Configure
Network
Configure a network. hosts, vCenter Servers network,
network
folder
networks, virtual
machines
vSphere Upgrade Guide
62 VMware, Inc.