community.vmware.vmware_object_role_permission_info – Gather information about object’s permissions

Note

This plugin is part of the community.vmware collection (version 1.15.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.vmware.

To use it in a playbook, specify: community.vmware.vmware_object_role_permission_info.

New in version 1.11.0: of community.vmware

Synopsis

  • This module can be used to gather object permissions on the given VMware object.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 3
  • PyVmomi

Parameters

Parameter Choices/Defaults Comments
hostname
string
The hostname or IP address of the vSphere vCenter or ESXi server.
If the value is not specified in the task, the value of environment variable VMWARE_HOST will be used instead.
Environment variable support added in Ansible 2.6.
moid
string
Managed object ID for the given object.
Mutually exclusive with object_name.

aliases: object_moid
object_name
string
The object name to assigned permission.
Mutually exclusive with moid.
object_type
string
    Choices:
  • Folder
  • VirtualMachine
  • Datacenter
  • ResourcePool
  • Datastore
  • Network
  • HostSystem
  • ComputeResource
  • ClusterComputeResource
  • DistributedVirtualSwitch
The object type being targeted.
password
string
The password of the vSphere vCenter or ESXi server.
If the value is not specified in the task, the value of environment variable VMWARE_PASSWORD will be used instead.
Environment variable support added in Ansible 2.6.

aliases: pass, pwd
port
integer
Default:
443
The port number of the vSphere vCenter or ESXi server.
If the value is not specified in the task, the value of environment variable VMWARE_PORT will be used instead.
Environment variable support added in Ansible 2.6.
principal
string
added in 1.12.0 of community.vmware
The optional name of an entity, such as a user, assigned permissions on an object.
If provided, actual permissions on the specified object are returned for the principal, instead of roles.
proxy_host
string
Address of a proxy that will receive all HTTPS requests and relay them.
The format is a hostname or a IP.
If the value is not specified in the task, the value of environment variable VMWARE_PROXY_HOST will be used instead.
This feature depends on a version of pyvmomi greater than v6.7.1.2018.12
proxy_port
integer
Port of the HTTP proxy that will receive all HTTPS requests and relay them.
If the value is not specified in the task, the value of environment variable VMWARE_PROXY_PORT will be used instead.
username
string
The username of the vSphere vCenter or ESXi server.
If the value is not specified in the task, the value of environment variable VMWARE_USER will be used instead.
Environment variable support added in Ansible 2.6.

aliases: admin, user
validate_certs
boolean
    Choices:
  • no
  • yes
Allows connection when SSL certificates are not valid. Set to false when certificates are not trusted.
If the value is not specified in the task, the value of environment variable VMWARE_VALIDATE_CERTS will be used instead.
Environment variable support added in Ansible 2.6.
If set to true, please make sure Python >= 2.7.9 is installed on the given machine.

Notes

Note

  • Tested on ESXi 6.5, vSphere 6.7
  • The ESXi login user must have the appropriate rights to administer permissions.
  • Supports check mode.
  • All modules requires API write access and hence is not supported on a free ESXi license.

Examples

- name: Gather role information about Datastore
  community.vmware.vmware_object_role_permission_info:
    hostname: "{{ vcenter_hostname }}"
    username: "{{ vcenter_username }}"
    password: "{{ vcenter_password }}"
    validate_certs: false
    object_name: ds_200
    object_type: Datastore

- name: Gather permissions on Datastore for a User
  community.vmware.vmware_object_role_permission_info:
    hostname: "{{ vcenter_hostname }}"
    username: "{{ vcenter_username }}"
    password: "{{ vcenter_password }}"
    validate_certs: false
    principal: [email protected]
    object_name: ds_200
    object_type: Datastore

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
permission_info
list / elements=string
always
information about object's permission

Sample:
[{'principal': 'VSPHERE.LOCAL\\vpxd-extension-12e0b667-892c-4694-8a5e-f13147e45dbd', 'propagate': True, 'role_id': -1, 'role_name': 'Admin'}]


Authors

  • Abhijeet Kasurde (@Akasurde)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/vmware/vmware_object_role_permission_info_module.html