Overview
Every source environment registered to XMS has a stored credential that XMS uses for discovery, preflight, and migration. The credential is shared across every job against that source. This page covers how operators should design those credentials — scoping, least privilege, storage, and rotation.
Principles
One service account per source
Do not reuse a personal operator account for XMS. Create a dedicated
service account in the source directory service and use it only for
XMS — this keeps the audit trail clean and lets you rotate without
impacting humans.
Scope to the datacenter you migrate
Assign the XMS role at the datacenter you are actually migrating — not
at the vCenter root. This keeps blast radius small and prevents XMS
from accidentally touching inventory in datacenters it should not see.
Separate read-only vs migration scope
For cautious rollouts, register the source with a read-only account for
discovery and preflight first. Swap to the migration-capable account
only when you are ready to run migrations.
Rotate credentials regularly
XMS stores source credentials securely and allows in-place rotation from
the Dashboard or CLI. Build credential rotation into your standard
operational cadence.
Recommended vSphere Role
Create a dedicated role on the source vCenter and assign it to the XMS service account at the datacenter scope.

| Category | Privileges | Used For |
|---|---|---|
| System | System.Anonymous, System.Read, System.View | Session establishment, inventory read |
| Virtual Machine Config | DiskLease, ChangeTracking, Settings | Enable CBT, read disk configuration |
| Virtual Machine Interact | PowerOff, PowerOn, Reset | Cold migration source power control |
| Virtual Machine State | CreateSnapshot, RemoveSnapshot, RevertSnapshot | Warm migration CBT anchor snapshots |
| Virtual Machine Provisioning | DiskRandomAccess, DiskRandomRead | Disk export over vSphere API |
| Resource | AssignVMToPool | Optional — only required for cross-cluster source preparation |
| Global | DisableMethods, EnableMethods | Optional — only required to guard against concurrent modification during cutover |
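
An added example (not XMS or Xloud code): a least-privilege audit that compares an exported role and its permission bindings with the table above and with the datacenter-scope principle. The full vSphere privilege IDs are an assumed mapping of the table's short names, and the account, role, and inventory names are hypothetical.

```python
# Baseline from the "Recommended vSphere Role" table. Full privilege IDs are an
# assumed mapping of the table's short names (RevertSnapshot is taken to be
# VirtualMachine.State.RevertToSnapshot).
REQUIRED = {
    "System.Anonymous", "System.Read", "System.View",
    "VirtualMachine.Config.DiskLease", "VirtualMachine.Config.ChangeTracking",
    "VirtualMachine.Config.Settings",
    "VirtualMachine.Interact.PowerOff", "VirtualMachine.Interact.PowerOn",
    "VirtualMachine.Interact.Reset",
    "VirtualMachine.State.CreateSnapshot", "VirtualMachine.State.RemoveSnapshot",
    "VirtualMachine.State.RevertToSnapshot",
    "VirtualMachine.Provisioning.DiskRandomAccess",
    "VirtualMachine.Provisioning.DiskRandomRead",
}
OPTIONAL = {"Resource.AssignVMToPool", "Global.DisableMethods", "Global.EnableMethods"}


def audit(role_privs, bindings, account, role_name):
    """Return sorted findings; an empty list means role and scope match the page."""
    privs = set(role_privs)
    findings = [f"excess privilege: {p}" for p in privs - REQUIRED - OPTIONAL]
    findings += [f"missing privilege: {p}" for p in REQUIRED - privs]
    mine = [b for b in bindings if b["principal"] == account]
    if not mine:
        findings.append("account has no permission binding")
    for b in mine:
        if b["role"] != role_name:
            findings.append(f"unexpected role {b['role']} on {b['entity']}")
        if b["entity_type"] != "Datacenter":  # e.g. the vCenter root folder
            findings.append(f"bound outside datacenter scope: {b['entity']}")
    return sorted(findings)


# Constructed sample export: one privilege dropped, one unrelated privilege
# added, and a second binding at the vCenter root folder.
ACCOUNT, ROLE = "svc-xms@vsphere.local", "XMS-Migration"  # hypothetical names
SAMPLE_PRIVS = sorted(REQUIRED - {"VirtualMachine.Config.ChangeTracking"}) + [
    "Datastore.DeleteFile"]
SAMPLE_BINDINGS = [
    {"principal": ACCOUNT, "role": ROLE, "entity_type": "Datacenter", "entity": "DC-East"},
    {"principal": ACCOUNT, "role": ROLE, "entity_type": "Folder", "entity": "Datacenters"},
    {"principal": "alice@vsphere.local", "role": "Admin", "entity_type": "Folder",
     "entity": "Datacenters"},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_PRIVS, SAMPLE_BINDINGS, ACCOUNT, ROLE):
        print(finding)
```

Run it against a fresh export after each role change; any finding means the role or its scope has drifted from the recommendation.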
Credential Storage
XMS stores source credentials in the platform secret store. Credentials are:
- Encrypted at rest using the platform-managed encryption key
- Never displayed after save — the Dashboard shows a placeholder on edit
- Accessible only to the XMS control plane, which uses them to open vSphere API sessions on behalf of jobs
Credential Rotation
- Dashboard
- CLI
Open the source details drawer
Navigate to Migration → Environments, select the source, and
click Edit.
Update credentials
Enter the new username or password (or both) and click Test
Connection to confirm the new credentials work against the source.
Deleting a Source
Delete a source only when no active migration jobs reference it. XMS blocks deletion of a source that is the parent of any running job. After all jobs complete or fail, you can delete the source from the Dashboard or CLI, which also removes the stored credential.
Audit Trail
Source credential creation, update, and deletion events are captured in the platform audit log. Operators investigating an incident can trace which identity made credential changes and when, using the standard Xloud audit tooling.
Next Steps
Prerequisites
Platform and project prerequisites for onboarding a source
Network Ports
Which ports must be reachable between XMS and source
Register Source
End-user steps for registering a source once credentials are ready