When using the vSphere CLI automation tool govc to perform datastore cluster configurations, disk creation, or volume attachment workflows, tasks fail with an explicit authorization exception. While the underlying tasks may partially succeed or generate orphaned disk files within the datastore, the govc CLI wrapper terminates prematurely and returns an error.

The execution trace contains the following fault:

Error: NoPermission

VMware vCenter 8.x

The vSphere service account configuration lacks the required Read-Only visibility at the root vCenter Server object layer. Even if the service account has explicit administrative or write privileges applied locally at the target Compute Cluster, Datastore Cluster, or Folder level, the govc utility cannot complete the full creation of the datastore without read access at a higher level.

Ensure that the service account has read-only access at the vCenter level for govc to be able to complete creation of a datastore.