The attached document primarily focuses on the authentication/authorization required to execute different VMM tasks. For executing different VMM tasks an account/group needs to be given required permissions. The attached document explains different VMM tasks and the permissions required to execute them.
User needs to perform discovery tasks on a host/vCenter and run inventory on hosts before he executes different VMM management tasks. Credentials used in the discovery tasks are used to execute various VMM tasks. So permissions for executing discovery tasks have been covered in the doc.
See the attachment.