Create minimum required roles for provisioning and installing in vSphere
When a user needs permissions less than Admin, a role must be created. The process for configuring a vSphere role with the least permissions for provisioning nodes and installing includes the following steps:
Open a vSphere Client connection to the vCenter Server, described in the Prerequisites.
Select Home > Administration > Roles > New.
Give the new role a name, then select these Privileges:
Assign virtual machine to resource pool
Add new disk
Add or remove device
Change CPU count
Reload from path
Create from existing
Add the permission at the highest level and set to propagate the permissions.