PowerCLI Basics – Create custom vCenter Server role

A quick post on how to create a custom vCenter Server role using PowerCLI. Cmdlets and reference pages used in this example can be found here:

Create custom vCenter Server role

  1. Open PowerCLI and connect to you vCenter Server: PowerCLI C:\> Connect-VIServer <IP_or_FQDN>
  2. Enter the Administrator credentials and login.
  3. Create a custom vCenter Server role by entering the following command: PowerCLI C:\> New-VIRole -Name “<Role_Name>” -Privilege (Get-VIPrivilege -Id <Privilege A>,<Privilege B>…<Privilege X>)
  4. Press Enter.
  5. PowerCLI should return the following message.custom vCenter Server role PowerCLI
  6. You can verify if the role has been successfully created in the Administration -> Access Control -> Roles pane in the vCenter Server.

For example, if you want to create custom role named XYZ with privileges to power on/off the virtual machine, add new disk, and configure advanced settings then the PowerCLI command used to create this custom vCenter Server role would look like this.

PowerCLI C:\> New-VIRole -Name “XYZ” -Privilege (Get-VIPrivilege -Id VirtualMachine.Interact.PowerOn,VirtualMachine.Interact.PowerOff,VirtualMachine.Config.AddNewDisk,VirtualMachine.Config.AdvancedConfig)

List of all available vCenter Server 6 privileges can be found in the vSphere Security document. Chapter 10, Defined Privileges.

Cheers!

– Marek.Z

Be the first to comment

Leave a reply...