The documentation on the Nexus 1000v Virtual Switch Update Manager VA are unfortunately very light on details as it relates to the required security roles that the VSUM VA account needs for vCenter integration.
We created a separate account for the VSUM VA to connect to vCenter with, but my VMWare admins aren't terribly enthusiastic about having to give it fairly elevated roles just to get the extension registered.
Can anyone comment on the actual roles required for
1. The vCenter account used by the VA for integration (ie: Distributed Switch create/update, Extensions register/update, etc)
2. What role(s) my team (the network team) need in vCenter to be able to manage the VSUM functions (again, Distributed Switch create/update etc)
I'd open a TAC case on this but thought it might be a good idea to throw this out to the community in the event someone had already gone through this process, in which the benefit of discussion is for everyone and not just myself in this case.
Thanks in advance for any feedback you can provide!
Hi Chris, I never did open a case on this but we are planning to upgrade to v5.x in the very near future. As it were, I'm less than impressed with the documentation road-map on this product, but it is what it is; my team doesn't manage the VMWare infrastructure, so in the event there are issues with the VSM/VEMs, they just come see us...