XLAB Steampunk logo Try Spotter
 / home / community / community.vmware / 0.4.0 / module / vmware_object_role_permission

community.vmware.vmware_object_role_permission (0.4.0) — module

Manage local roles on an ESXi host

Authors: Derek Rushing (@kryptsi), Joseph Andreatta (@vmwjoseph)

preview | supported by community

Install collection | Add to requirements.yml | Description | Requirements | Usage examples | Inputs | Outputs

Install collection

Install with ansible-galaxy collection install community.vmware:==0.4.0


Add to requirements.yml

  collections:
    - name: community.vmware
      version: 0.4.0

Description

This module can be used to manage object permissions on the given host.


Requirements

Usage examples

Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Assign user to VM folder
  vmware_object_role_permission:
    role: Admin
    principal: user_bob
    object_name: services
    state: present
  delegate_to: localhost
Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Remove user from VM folder
  vmware_object_role_permission:
    role: Admin
    principal: user_bob
    object_name: services
    state: absent
  delegate_to: localhost
Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Assign finance group to VM folder
  vmware_object_role_permission:
    role: Limited Users
    group: finance
    object_name: Accounts
    state: present
  delegate_to: localhost
Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Assign view_user Read Only permission at root folder
  vmware_object_role_permission:
    role: ReadOnly
    principal: view_user
    object_name: rootFolder
    state: present
  delegate_to: localhost

Inputs

    
port:
    default: 443
    description:
    - The port number of the vSphere vCenter or ESXi server.
    - If the value is not specified in the task, the value of environment variable C(VMWARE_PORT)
      will be used instead.
    - Environment variable support added in Ansible 2.6.
    type: int

role:
    description:
    - The role to be assigned permission.
    required: true
    type: str

group:
    description:
    - The group to be assigned permission.
    - Required if C(principal) is not specified.
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description:
    - Indicate desired state of the object's permission.
    - When C(state=present), the permission will be added if it doesn't already exist.
    - When C(state=absent), the permission is removed if it exists.
    type: str

hostname:
    description:
    - The hostname or IP address of the vSphere vCenter or ESXi server.
    - If the value is not specified in the task, the value of environment variable C(VMWARE_HOST)
      will be used instead.
    - Environment variable support added in Ansible 2.6.
    type: str

password:
    aliases:
    - pass
    - pwd
    description:
    - The password of the vSphere vCenter or ESXi server.
    - If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD)
      will be used instead.
    - Environment variable support added in Ansible 2.6.
    type: str

username:
    aliases:
    - admin
    - user
    description:
    - The username of the vSphere vCenter or ESXi server.
    - If the value is not specified in the task, the value of environment variable C(VMWARE_USER)
      will be used instead.
    - Environment variable support added in Ansible 2.6.
    type: str

principal:
    description:
    - The user to be assigned permission.
    - Required if C(group) is not specified.
    type: str

recursive:
    default: true
    description:
    - Should the permissions be recursively applied.
    type: bool

proxy_host:
    description:
    - Address of a proxy that will receive all HTTPS requests and relay them.
    - The format is a hostname or a IP.
    - If the value is not specified in the task, the value of environment variable C(VMWARE_PROXY_HOST)
      will be used instead.
    - This feature depends on a version of pyvmomi greater than v6.7.1.2018.12
    required: false
    type: str

proxy_port:
    description:
    - Port of the HTTP proxy that will receive all HTTPS requests and relay them.
    - If the value is not specified in the task, the value of environment variable C(VMWARE_PROXY_PORT)
      will be used instead.
    required: false
    type: int

object_name:
    description:
    - The object name to assigned permission.
    required: true
    type: str

object_type:
    choices:
    - Folder
    - VirtualMachine
    - Datacenter
    - ResourcePool
    - Datastore
    - Network
    - HostSystem
    - ComputeResource
    - ClusterComputeResource
    - DistributedVirtualSwitch
    default: Folder
    description:
    - The object type being targeted.
    type: str

validate_certs:
    default: true
    description:
    - Allows connection when SSL certificates are not valid. Set to C(false) when certificates
      are not trusted.
    - If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS)
      will be used instead.
    - Environment variable support added in Ansible 2.6.
    - If set to C(yes), please make sure Python >= 2.7.9 is installed on the given machine.
    type: bool

Outputs

changed:
  description: whether or not a change was made to the object's role
  returned: always
  type: bool
Got feedback? steampunk@xlab.si | © 2024. All rights reserved.
Cookie policy-Privacy policy-Terms of use-Security policy