Configuration Drift fails to retrieve access_settings data in Aria Operations
Article ID: 436466
Updated On:
Products
Issue/Introduction
When creating a Config Template in Aria Operations > Operations > Configurations Drifts, the access_settings section under the appliance configuration (in Stage 3 - Configuration Settings > Expand appliance > Select access_settings > Next) appears blank or fails to return data.
Symptoms include:
Stage 3 of the Template Creation wizard shows no data for
access_settings. (As shown in the screenshot below)vCenter is incorrectly reported as "Compliant" despite having drift.
No errors are seen during the "Test Connection" of the vCenter integration.
Environment
Aria Operations 8.18.x
Cause
This is due to a security limitation within the vCenter Server API. The endpoints responsible for exposing appliance-level access_settings are restricted by vCenter to the local administrator. Standard domain-based service accounts—even those assigned the "Administrator" role—are denied access to these specific security metadata fields.
Resolution
To successfully monitor access_settings via Configuration Drift, the vCenter integration must be configured with the local administrator account:
Navigate to Administration > Integrations > vCenter.
Edit the affected vCenter instance.
Update the credentials to use [email protected] (or the equivalent local SSO administrator for your environment).
Save the integration after verifying the connection is successful.
Navigate to Operations > Configurations Drifts, edit your template, and confirm that data is now visible under Stage 3 > access_settings.
Note: This specific limitation has been addressed in the VCF Operations 9.x release, which offers expanded API access for service accounts with Administrator role.
Feedback
