This is a quick post to explain what the minimum required privileges are when configuring a user for the VxRail vROps Management Pack.
The VxRail Management Pack for vROps requires a user account to connect to the vCenter Server of the VxRail. And like all good service accounts, this user should be of least privilege. Yes, administrator@vsphere.local does work also, but that’s really not why you are here!
As per the VxRail Management Pack for vROps User Guide, the account requires the following user privileges:
- Property Collection
- Objects Discovery
- Events Collection
- Performance Metrics Collection
The whereabouts of these particular privileges is best explained in the VMware doc, appropriately titled Privileges Required for Configuring a vCenter Adapter Instance
All that this post is doing really is putting both of these pieces of information in the one place via that search that brought you here, and adding some pictures.
In the vCenter Server UI > Administration > Single Sign On > Users and Groups, go create a new user in the vsphere.local domain. In our example, we used vxrail_vrops.
In the vCenter Server UI > Administration > Roles make a clone of the Read-only role and rename it appropriately e.g. VxRail vROps Role
Edit that new Role for the following privileges:
- Property Collection
- Objects Discovery
- Events Collection
- Performance Metrics Collection
… as called out in the VMware doc, these can be found as follows:
Property Collection requires:
- System > Anonymous is already configured by default in a custom role.
Objects Discovery requires:
- Profile-Driven Storage > View
In addition, Events Collection requires:
- Storage Views > View
- Datastore > Browse Datastore
- System > View is enabled by default in Custom role
Performance Metrics requires:
- Performance > Modify intervals
- System > View is enabled by default in Custom role
Click Next and Finish for this Role
vCenter Server UI > Administration > Global Permissions add the new permission to the new user, for example we used vxrail_vrops@vsphere.local

IMPORTANT – Ensure that this new user is also added to the Administrators Group (Administrators@vsphere.local) in vCenter.
In the vROps UI, once the VxRail Mgmt Pack has been successfully installed, when configuring the VxRail Adapter, enter the new credentials:

Test the connection, and if successful then Save Settings.
And you are done!
Hope that helps, Steve.