Hello,
We are implementing puppet on top of the vm deployments using vRO. Since puppet runs as root on the client and puppet runs as root on the puppet master. How do we protect the integrity of root permissions as a Linux team? My thought process was to build the vm, run a workflow to install the agent on the new server, then run a command on the puppet master to accept the cert. However, to do this vRO needs to maintain root permissions on both the client and the master. Therefore, how do we protect these permissions from the VMware team while at the same time completing our objectives?