Unable to Reset to Green Alarm – “vSphere HA cannot reset SupervisorControlPlaneVM (#) on ##### in cluster ### in #####” Triggered on Supervisor Control Plane VM
Article ID: 419866
Updated On:
Products
Issue/Introduction
In certain vSphere environments, administrators may observe a red dot on the Supervisor Control Plane VM this is due to the triggered alarm. When attempting to reset the alarm, the “Reset to Green” option may appear greyed out, even when logged in with the [email protected] account.
The specific alarm message observed was:
Can’t reset to green alarm “vSphere HA cannot reset SupervisorControlPlaneVM (#) on ##### in cluster ### in #####”
Environment
VMware vSphere with Tanzu
VMware vSphere Kubernetes Service
VMware vSphere 7.x
VMware vSphere 8.x
Cause
This behavior is expected. Supervisor Control Plane VMs are managed components of vSphere with limited administrative privileges. Even vSphere administrators cannot reset certain alarms on these VMs because they are protected system resources.
The “Reset to Green” option on the alarm is greyed out by design. Privilege restrictions ensure that only designated roles (such as Platform Operators) can manage alarms on Supervisor Control Plane VMs.
Resolution
To address this behavior and manage alarms appropriately:
1. Create a Platform Operator User
2. Ensure the user is added to the ServiceProviderUsers group.
3. Assign Privileges: include all privileges related to alarms, except those specifically excluded in the documentation.
4. Follow Broadcom Best Practices: for detailed steps, refer to the official Broadcom documentation: 🔗 https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere-supervisor/8-0/using-tkg-service-with-vsphere-supervisor/configuring-identity-and-access-for-tkg-service-clusters/create-a-dedicated-group-and-role-for-platform-operators.html
By creating and assigning the Platform Operator role correctly, administrators can manage alarms on Supervisor Control Plane VMs without encountering privilege restrictions.
Feedback
