5.1
Table Of Contents
- vCloud API Programming Guide
- Contents
- vCloud API Programming Guide
- About the VMware vCloud API
- Hello vCloud: A Simplified RESTful Workflow
- Exploring a Cloud
- Summary of vCloud API Browsing Requests
- Retrieve the Login URL and List of Supported API Versions
- Create a Login Session Using the Integrated Identity Provider
- Retrieve a List of Organizations Accessible to You
- Retrieve an Administrative View of a Cloud
- Retrieve a List of vSphere Platform Operations and Objects for a Cloud
- Provisioning an Organization
- Summary of vCloud API Provisioning Requests
- Upload an OVF Package to Create a vApp Template
- Download a vApp Template as OVF
- Upload a Media Image
- Copying and Moving with the vCloud API
- Capturing and Importing vApps
- Cataloging vApp Templates and Media Images
- Creating and Using Independent Disks
- View or Change the Owner of an Object
- Deploying and Operating vApps
- Summary of vCloud API vApp and Virtual Machine Operations Requests
- Create a vApp From a Template
- Compose a vApp From Existing Virtual Machines
- Recompose a vApp to Add or Remove Virtual Machines
- Provide User Input Requested by a Virtual Machine
- Attach or Detach an Independent Disk
- Creating and Using vApp Snapshots
- Operate a vApp
- Configuring vApps and Virtual Machines
- Retrieve the Configuration Links for a vApp
- Retrieve the Configuration Links for a Virtual Machine
- Update Multiple Sections of a Virtual Machine
- Retrieve or Update a Modifiable Section
- Update a vApp Network Configuration
- Update the NetworkConnectionSection of a Virtual Machine
- Retrieve or Modify the CPU Configuration of a Virtual Machine
- Retrieve or Modify the GuestCustomizationSection of a Virtual Machine
- Retrieve or Modify ProductSection Elements
- Retrieve or Modify Groups of Related Sections in a Virtual Machine
- Retrieve or Modify the Hard Disk Configuration of a Virtual Machine
- Update the Storage Profile for a Virtual Machine
- Creating and Managing Organizations
- Summary of Administrative Requests
- Administrator Credentials and Privileges
- Organization Administration
- vDC Administration
- Network Administration
- Catalog Administration
- User and Group Administration
- Working With Roles and Rights
- Controlling Access to vApps and Catalogs
- Managing and Monitoring a Cloud
- Summary of vSphere Platform Extension Requests
- Retrieve or Update System Settings
- Attach a vCenter Server
- Finding Available vCenter Resources
- Create a Provider vDC
- Create an External Network
- Create a Network Pool
- Import a Virtual Machine from vCenter
- Relocate a Virtual Machine to a Different Datastore
- Truststore and Keytab Maintenance
- Retrieve the vSphere URL of an Object
- Working With Object Metadata
- Using the Query Service
- Configuring and Using Blocking Tasks and Notifications
- vCloud Director Extension Services
- XML Representations in the vCloud API
- Index
Working With Roles and Rights
A role associates a role name with a set of rights. A newly created organization includes a set of predefined
roles and rights inherited from the containing cloud. An organization administrator can add new roles or
modify predefined roles.
vCloud Director uses roles, and their associated rights, to determine whether a user or group is authorized to
perform an operation. When you create or import a user or group, you must assign it a role. You can use one
of the predefined roles, or you can create a role from existing rights.
Predefined roles and rights are properties of a cloud. Roles that an organization administrator creates are
properties of the organization.
NOTE You can create and modify rights associated with extension services, but not those associated with
vCloud Director. See “Create a Service-Specific Right,” on page 300
Predefined Roles and Their Rights
vCloud Director includes predefined roles. Each of these roles includes a set of default rights.
A system administrator can create new roles and modify existing roles, except the System Administrator role.
Table 6-4. Default Rights for the Predefined Roles
System
Administrator
Organization
Administrator
Catalog
Author vApp Author vApp User
Console Access
Only
vApp:
Create/Reconfigu
re a vApp
X X X X
vApp: Delete a
vApp
X X X X X
vApp: Edit vApp
Properties
X X X X X
vApp:
Start/Stop/Suspe
nd/Reset a vApp
X X X X X
vApp: Share a
vApp
X X X X X
vApp: Copy a
vApp
X X X X X
vApp: Access to
VM Console
X X X X X X
vApp: Change
Owner
X X
vApp: Edit VM
Properties
X X X X X
vApp: Edit VM
Memory
X X X X
vApp: Edit VM
CPU
X X X X
vApp: Edit VM
Network
X X X X X
vApp: Edit VM
Hard Disk
X X X X
Chapter 6 Creating and Managing Organizations
VMware, Inc. 187