This KB will provide steps to add back the required Roles to vCenter for WCP service to operate normally

Symptoms:
The following Roles are built for use by the WCP service on vCenter:

Role name in vmdir	Role Name in vSphere Web client
WorkloadStorageManagement	Workload Storage Manager
vSphereKubernetesManager	vSphere Kubernetes Manager
SupervisorServiceCluster	Supervisor Cluster Operator
SupervisorServiceRootFolder	SupervisorService RootFolder Operator
SupervisorServiceGlobal	Supervisor Operator
VMOperatorController	VMOperator Controller
VMOperatorControllerGlobal	VMOperator Controller Manager
VMServicesAdministrator	VM Services Administrator
NsxAuditor	NSX Auditor
NsxViAdministrator	NSX VI Administrator
NsxAdministrator	NSX Administrator

If these roles are removed, don't exist for some reason, or are misnamed (contain spaces in VMDIR) users will encounter numerous different errors related to access and capabilities in the WCP configuration. VCSA updates may also fail due to validation errors when checking for these users.

VMware vSphere 8.0 with Tanzu
VMware vSphere 7.0 with Tanzu

1. Connect to vCenter via SSH

2. Create a /usr/lib/vmware-wcp/py-modules/roles.py file and import config using the following command (ensure you copy the entire text from cat to the last EOF line):
 

3. Set the Python path with the following command:

# export PYTHONPATH="${PYTHONPATH}:/usr/lib/vmware/site-packages"

4. Run the python script to recreate roles using the following command: