Permissions list needed.

[Ludicrous09]

Description

Can we get a real list of the permissions needed to use each section of the builder? There seem to be only very old versions of this from when Jetbrains maintained this. While some of those are still applicable, there have been new features added that are not documented permissions wise. Such as publish to content library, I have given the account full content library access and it doesn't work.

The only way I can get it to work is to give it Global Permission Administrator.

I have tried Giving it Global Permission Read-only and all the rest of the normal packer permissions and everything works until it gets to publish to content library then I get a 403 forbidden.

Use Case(s)

To be able to publish a packer created OVA to a local content library in a production environment with out giving the account Global Administrator role in vcenter. An all encompassing permissions list that are needed should be provided.

Potential configuration

VCenter Server 6.7u3
VMware ESXi, 6.7.0, 17499825

Permissions my account has that will preform all operations except publish OVA to content library.

Alarms

• Acknowledge alarm
• Create alarm
• Disable alarm action
• Modify alarm
• Remove alarm
• Set alarm status

Content Library

• Add library item
• Create a subscription for a published library
• Create local library
• Create subscribed library
• Delete library item
• Delete local library
• Delete subscribed library
• Delete subscription of a published library
• Download files
• Evict library item
• Evict subscribed library
• Import storage
• Probe subscription information
• Publish a library item to its subscribers
• Publish a library to its subscribers
• Read storage
• Sync library item
• Sync subscribed library
• Type introspection
• Update configuration settings
• Update files
• Update library
• Update library item
• Update local library
• Update subscribed library
• Update subscription of a published library
• View configuration settings

Datastore

• Allocate space
• Browse datastore
• Low level file operations

Folder

• Create folder
• Delete folder
• Move folder
• Rename folder

Host

• Configuration
• System Management

Network

• Assign network
• Resource
• Assign virtual machine to resource pool

Virtual machine

• Change Configuration

•     Add new disk
  

•     Add or remove device
  

•     Advanced configuration
  

•     Change CPU count
  

•     Change Memory
  

•     Change Settings
  

•     Change resource
  

•     Rename
  

•     Set annotation
  

• Edit Inventory

•     Create new
  

•     Register
  

•     Remove
  

•     Unregister
  

• Interaction

•     Configure CD media
  

•     Configure floppy media
  

•     Connect devices
  

•     Console interaction
  

•     Power off
  

•     Power on
  

• Provisioning

•     Mark as template
  

• Snapshot management

•     Create snapshot
  

•     Rename snapshot
  

Potential References

https://www.packer.io/docs/builders/vmware/vsphere-iso

jetbrains-infra/packer-builder-vsphere#97

[ghost]

This issue has been automatically migrated to hashicorp/packer-plugin-vsphere#57 because it looks like an issue with that plugin. If you believe this is not an issue with the plugin, please reply to hashicorp/packer-plugin-vsphere#57.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.