We ae trying to connect to just a specific cluster no the entire network of servers as we are just one tenant. we only want to see our stuff not the other tenants.
Jul 09, 2021 10:27 AM
Best security practice is an account should only have access to the vCenter objects that are appropriate.
Use permissions in vCenter to limit your account to only see the tenet you need to get data from.
Jul 09, 2021 01:37 PM
@terobinson - There is not a way to restrict the inventory that comes from the vCenter SDK. You will receive all of the Clusters and Hosts that are managed by that vCenter Instance.
What I would recommend is:
1) Go to Active Inventory and find the VM Hosts that get imported into FNMS from the other clusters and set them to a status of IGNORED. If you simply delete them, they will get created again the next time the Beacon connects to that vCenter.
2) Make sure that you are not installing the agent on the VMs in the other clusters.
Jul 09, 2021 11:27 AM
Best security practice is an account should only have access to the vCenter objects that are appropriate.
Use permissions in vCenter to limit your account to only see the tenet you need to get data from.
Jul 09, 2021 01:37 PM
Agreed, limiting access via strict permissions is the way to go.
If ESX hosts are used exclusively by one tenant only, I guess you could just inventory them directly instead of the whole vCenter.
Sep 14, 2021 09:25 AM