1. Bug Overview: a) Description of bug report: [RHOCP4.10] What minimum privileges are required for provisioning volume with vSphere CSI? b) Bug Description: From OpenShift Container Platform 4.10 includes a built-in version of the vSphere CSI Operator Driver that is supported by Red Hat. Customer wants to allocate only minimum privileges to Vsphere CSI driver. Please see doc[A], which explains how to install OpenShift on vSphere with UPI. About required vSphere privileges, it just says "This user must have at least the roles and privileges that are required for static or dynamic persistent volume provisioning in vSphere". It means that user doesn't need to allocate such a lot of privileges with UPI. So, Customer request is to have separate section in document which include required permission info just for enabling vSphere CSI driver in UPI installation page. [A] https://docs.openshift.com/container-platform/4.10/installing/installing_vsphere/installing-vsphere.html 2. Business impact: In actual situation, many VMs are running on our customer's vSphere cluster besides OpenShift. To avoid troubles, our customer wants to allocate only minimum privileges to OpenShift. (For example, it would be a big problem if OpenShift deleted unrelated VM by bug of Machine API. For avoiding such a problem, customer doesn't want to allocate unnecessary privileges). Thanks, Swati
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 365 days