There are 9 default roles in vSphere - 6 sample roles, and 3 standard.
Can be used to revoke permissions that would otherwise be propagated to an object from a parent object.
View all the tab panels in the vSphere Client except the Console tab. Cannot perform any actions through the menus and toolbars.
Add, remove, and set access rights and privileges for all thevCenter Server users and all the virtual objects in the vSphere environment.
A set of privileges to allow the user to interact with and make hardware changes to virtual machines, as well as perform snapshot operations.
A set of privileges to allow the user to interact with a virtual machine’s console, insert media, and perform power operations. Does not grant privileges to make virtual hardware changes to the virtual machine.
A set of privileges to allow the user to create child resource pools and modify the configuration of the children, but not to modify the resource configuration of the pool or cluster on which the role was granted. Also allows the user to grant permissions to child resource pools, and assign virtual machines to the parent or child resource pools.
Additional privileges must be granted on virtual machines and datastores to allow provisioning of new virtual machines.
A set of privileges to allow the user to consume space on the datastores on which this role is granted. To perform a space-consuming operation, such as creating a virtual disk or taking a snapshot, the user must also have the appropriate virtual machine privileges granted for these operations.
A set of privileges to allow the user to assign virtual machines or hosts to networks, if the appropriate permissions for the assignment are also granted on the virtual machines or hosts.