Required permissions for VMware, Hyper-V, and Nutanix credentials in VMAN

To monitor virtual objects in VMAN, your credentials must have the correct permissions for any object or metric you wish to monitor. In general, VMAN will be able to monitor objects and metrics that match the permission level of your credential.

This table highlights the minimum required permissions for VMware and Hyper-V monitoring:


The VMware user account needs the following permissions:

  • For data collection, at least Read-Only permissions for the host and VMs you want to monitor
  • For datastore collection, the Browse Datastore permission

The Hyper-V account used for data collection must have the Enable Account and Remote Enable permissions.

For more information about enabling account privileges in WMI, see Configuring Distributed Component Object Model and User Account Control.


There are two types of Nutanix credentials required for monitoring in VMAN.


Nutanix API credentials

For monitoring up/down status and metrics (CPU usage, memory usage, etc.) polling for Nutanix clusters and AHV hosts, you need Nutanix API credentials. No special permissions for API credentials are needed.

You can create API credentials when you add a Nutanix cluster for monitoring.


Nutanix CVM credentials

For monitoring hardware health of Nutanix clusters and AHV hosts, you need to create and assign Nutanix CVM credentials with the following permission to a Nutanix cluster:

  • The credential must have permission to run the command "ncc hardware_info help_opts" without an additional password prompt. This can be a root user or a user or group that has been configured with the correct permissions.