The Corsa Security Orchestrator (CSO) requires a specific set of privileges to deploy, scale and optimize the world's most advanced next-generation firewalls.
The CSO requires direct API access to the VMWare ESXi hypervisor API. To explain this requirement, terms specific to the VMWare ESXi hypervisor will be used.
A VMWare ESXi CSO user must be assigned a role with the following privileges at a minimum.
VMWare ESXi user privileges are defined by the role assigned to that user (Host > Actions > Permissions > Assign role).
A custom role should be created to represent the CSO requirements (Host > Manage > Security & users > Roles > Add role).
Root
System
Anonymous
View
Read
Datastore
Browse
DeleteFile
FileManagement
AllocateSpace
Network
Delete
Config
Assign
Host
Config
Maintenance
AutoStart
Network
VirtualMachine
Inventory
CreateFromExisting
Delete
Interact
PowerOn
PowerOff
Reset
Config
VApp
Import