Selecting a role for the VMware vCenter integration

While configuring ServiceNow to connect to vCenter, you supply credentials for a vCenter user. The user's permissions in vCenter determine which VMware tasks the user can perform in the ServiceNow instance. Based on the role that you select, you can implement one of a variety of levels of permission.

Administrator role in VMware

The Administrator role provides all privileges available in vCenter. This includes access to every operation that ServiceNow supports plus all of the features that ServiceNow does not use. Using the Administrator role is a simple way to grant a ServiceNow instance full power.

Full access

It is possible define a role that provides the ServiceNow instance enough access to perform all supported operations without granting full Administrator privileges. The role should include the following permissions:
vCenter Permissions
Datastore Allocate space
Browse datastore
Network Assign network
Resource Assign virtual machine to resource pool
Virtual Machine Configuration Add new disk
Add or remove device
Advanced
Change CPU count
Change resource
Memory
Modify device settings
Rename
Resest guest information
Settings
Interaction Device connection
Power off
Power on
Reset
Suspend
Inventory Create from existing
Remove
Provisioning All
Snapshot management All

With this role, ServiceNow users can run Discovery, view all resources, perform all operations (Start, Stop, Pause, Snapshot, Terminate, VM Modifications), and provision new VMs (including guest customization).

Read-only user

The "Read-only" role allows a user limited read access to the system without any other privileges. The role allows ServiceNow users to run Discovery and view resources.

The role does not have permission to provision new VMs or to run any VM operations.