Need to know how to restrict or limit VMware discovery and monitoring in the vmware probe, for example monitor only the hosts (esx/vcenters), or specific hosts, even though vmware probe discovers the vms, datastores, etc. hosted into the vcenters/esx host. How can I avoid the discovery of specific VMs and their monitoring.
Release : 20.1
Component : UIM - VMWARE
Normally customers create a specific user account with specific access/permissions on the vCenter side of things and configure that user in the UIM vmware probe to control/restrict administrative access.
You can restrict access on the vCenter side by creating a user in vCenter that only has access to the machines you want, and then configure the vmware probe to use those credentials. Depending on your specific requirements, you might need to use multiple vmware probes on different robots with different origins, each configured with a different set of vCenter creds that can access specific vCenters/VMs.
1. Create a separate special administrative-level user on the vCenter side.
2. Restrict permissions to one or more Virtual Machines
3. Configure that user in the vmware probe
4. Cold start the vmware probe (Deactivate-Activate)
5. Check the results to make sure the user does not have access to those VMs, hence they cannot be monitored by the vmware probe and cdm will take precedence for monitoring and no new/further dupes should be possible.
vmware probe discovery:
How to exclude specific VMs from vmware probe discovery
https://knowledge.broadcom.com/external/article/143897
VMWare probe - disable discovery of virtual machines (VMs)
https://knowledge.broadcom.com/external/article/190163
VMware References:
Best Practices for vCenter Server Access Control
https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.security.doc/GUID-6C181D08-6650-4AD1-92D1-AAFDA3A3E38C.html?hWord=N4IghgNiBcIE4FMDOAXOBLAxigBAVyQThzE02SRxQHscA3AYQQDsUiQBfIA
vSphere permissions and user management
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-5372F580-5C23-4E9C-8A4E-EF1B4DD9033E.html