Bug 1653375

Summary: Minimum set of privileges need to specified for configuring VMware vSphere Cloud Provider.
Product: OpenShift Container Platform Reporter: Saurabh Sadhale <ssadhale>
Component: DocumentationAssignee: Vikram Goyal <vigoyal>
Status: NEW --- QA Contact: Xiaoli Tian <xtian>
Severity: high Docs Contact: Vikram Goyal <vigoyal>
Priority: unspecified    
Version: 3.11.0CC: aos-bugs, jokerman, mmccomas
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Saurabh Sadhale 2018-11-26 16:40:44 UTC
Document URL: 
https://docs.openshift.com/container-platform/3.11/install_config/configuring_vsphere.html

Section Number and Name: 
VMware vSphere cloud provider prerequisites


Describe the issue: 

The set of privileges that are present in the table for the role manage-k8s-node-vms are unclear for some specific type of deployments. For example, the following privileges will not be necessary when static volume provisioning will be implemented 
1.VirtualMachine.Inventory.Create 
2.VirtualMachine.Inventory.Delete. 


Suggestions for improvement: 

I was going through a document provided by VMware for configuring Kubernetes storage which has distinct set of privileges with respect to static volume provisioning and dynamic volume provisioning.

Additional information: 
https://vmware.github.io/vsphere-storage-for-kubernetes/documentation/vcp-roles.html