EKS Anywhere network create error "System.Read privilege" in vSphere

This fix has been verified to work on VMware Cloud on AWS and may work on vSphere 7.x+ This also has been verified to work on environment where the permissions were set previously and has worked.

Step 1:

1. Log into vCenter
2. Go to Administration/Global Permissions and select and Delete [DOMAIN/Admin Group] (ex. EC2.INTERNAL/eksa-local-user)
3. Waiting about 10-15 seconds for the permission change to take affect
4. In Administration/Global Permissions click on Add
5. Select Domain > [DOMAIN] (ex. eksa-domain.internal)
6. User/Group > [Admin Group] (ex. eksa-local-user
7. Role> select CloudAdmin
8. Check “Propogate to children”
9. Click OK button
10. Wait 10-15 seconds before going to next step

Step 2:

1. Go to Inventory and then go to Network section/tab
2. Expand vcenter-xxxxxxxx/SDDC-Datacenter and select vmc-hostswitch
3. Click on Permissions tab
4. Click on Add button
5. Select Domain > [DOMAIN] (ex. eksa-domain.internal)
6. User/Group > [Admin Group] (ex. eksa-local-user)
7. Role> select Read-only
8. Be sure that “Propogate to children” is unchecked
9. Click OK button

Wait 10-15 seconds before trying to provision a new cluster again. Be sure to log off of any active sessions before trying the steps above.