A quick post on how to create a custom vCenter Server role using PowerCLI. Cmdlets and reference pages used in this example can be found here:
Create custom vCenter Server role
- Open PowerCLI and connect to you vCenter Server: PowerCLI C:\> Connect-VIServer <IP_or_FQDN>
- Enter the Administrator credentials and login.
- Create a custom vCenter Server role by entering the following command: PowerCLI C:\> New-VIRole -Name “<Role_Name>” -Privilege (Get-VIPrivilege -Id <Privilege A>,<Privilege B>…<Privilege X>)
- Press Enter.
- PowerCLI should return the following message.
- You can verify if the role has been successfully created in the Administration -> Access Control -> Roles pane in the vCenter Server.
For example, if you want to create custom role named XYZ with privileges to power on/off the virtual machine, add new disk, and configure advanced settings then the PowerCLI command used to create this custom vCenter Server role would look like this.
PowerCLI C:\> New-VIRole -Name “XYZ” -Privilege (Get-VIPrivilege -Id VirtualMachine.Interact.PowerOn,VirtualMachine.Interact.PowerOff,VirtualMachine.Config.AddNewDisk,VirtualMachine.Config.AdvancedConfig)
List of all available vCenter Server 6 privileges can be found in the vSphere Security document. Chapter 10, Defined Privileges.
Cheers!
– Marek.Z
Be the first to comment