vSphere: Minimum User Permissions
Create minimum required roles for provisioning and installing in vSphere
When a user needs permissions less than Admin, a role must be created. The process for configuring a vSphere role with the least permissions for provisioning nodes and installing includes the following steps:
Open a vSphere Client connection to the vCenter Server, described in the Prerequisites.
Select Home > Administration > Roles > Add Role.
Give the new role a name, then select these Privileges:
Low level file operations
Storage partition configuration
Profile-driven storage view
Assign virtual machine to resource pool
Add new disk
Add existing disk
Add or remove device
Change CPU count
Reload from path
Create from existing
Add the permission at the highest level and set to propagate the permissions.