Try SpotterGather information about object's permissions
Authors: Abhijeet Kasurde (@Akasurde)
Install with ansible-galaxy collection install community.vmware:==4.2.0
collections:
- name: community.vmware
version: 4.2.0This module can be used to gather object permissions on the given VMware object.
- name: Gather role information about Datastore
community.vmware.vmware_object_role_permission_info:
hostname: "{{ vcenter_hostname }}"
username: "{{ vcenter_username }}"
password: "{{ vcenter_password }}"
validate_certs: false
object_name: ds_200
object_type: Datastore
- name: Gather permissions on Datastore for a User
community.vmware.vmware_object_role_permission_info:
hostname: "{{ vcenter_hostname }}"
username: "{{ vcenter_username }}"
password: "{{ vcenter_password }}"
validate_certs: false
principal: some.user@company.com
object_name: ds_200
object_type: Datastore
moid:
aliases:
- object_moid
description:
- Managed object ID for the given object.
- Mutually exclusive with O(object_name).
type: str
port:
default: 443
description:
- The port number of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable E(VMWARE_PORT)
will be used instead.
type: int
hostname:
description:
- The hostname or IP address of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable E(VMWARE_HOST)
will be used instead.
type: str
password:
aliases:
- pass
- pwd
description:
- The password of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable E(VMWARE_PASSWORD)
will be used instead.
type: str
username:
aliases:
- admin
- user
description:
- The username of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable E(VMWARE_USER)
will be used instead.
type: str
principal:
description:
- The optional name of an entity, such as a user, assigned permissions on an object.
- If provided, actual permissions on the specified object are returned for the principal,
instead of roles.
required: false
type: str
proxy_host:
description:
- Address of a proxy that will receive all HTTPS requests and relay them.
- The format is a hostname or a IP.
- If the value is not specified in the task, the value of environment variable E(VMWARE_PROXY_HOST)
will be used instead.
required: false
type: str
proxy_port:
description:
- Port of the HTTP proxy that will receive all HTTPS requests and relay them.
- If the value is not specified in the task, the value of environment variable E(VMWARE_PROXY_PORT)
will be used instead.
required: false
type: int
object_name:
description:
- The object name to assigned permission.
- Mutually exclusive with O(moid).
type: str
object_type:
choices:
- Folder
- VirtualMachine
- Datacenter
- ResourcePool
- Datastore
- Network
- HostSystem
- ComputeResource
- ClusterComputeResource
- DistributedVirtualSwitch
- DistributedVirtualPortgroup
- StoragePod
default: Folder
description:
- The object type being targeted.
type: str
validate_certs:
default: true
description:
- Allows connection when SSL certificates are not valid. Set to V(false) when certificates
are not trusted.
- If the value is not specified in the task, the value of environment variable E(VMWARE_VALIDATE_CERTS)
will be used instead.
type: bool
permission_info:
description: information about object's permission
returned: always
sample:
- principal: VSPHERE.LOCAL\vpxd-extension-12e0b667-892c-4694-8a5e-f13147e45dbd
propagate: true
role_id: -1
role_name: Admin
type: list