5.5
Table Of Contents
- vCloud API Programming Guide
- Contents
- vCloud API Programming Guide
- About the VMware vCloud API
- Hello vCloud: A Simplified RESTful Workflow
- Exploring a Cloud
- Summary of vCloud API Browsing Requests
- Retrieve the Login URL and List of Supported API Versions
- Create a Login Session Using the Integrated Identity Provider
- Retrieve a List of Organizations Accessible to You
- Retrieve an Administrative View of a Cloud
- Retrieve a List of vSphere Platform Operations and Objects for a Cloud
- Provisioning an Organization
- Summary of vCloud API Provisioning Requests
- Upload an OVF Package to Create a vApp Template
- Download a vApp or vApp Template as OVF
- Upload a Media Image
- Download a Media Image
- Capturing and Importing vApps
- Managing Catalog Items
- Creating and Using Independent Disks
- View or Change the Owner of an Object
- Controlling Access to vApps and Catalogs
- Deploying and Operating vApps
- Summary of vCloud API vApp and Virtual Machine Operations Requests
- Create a vApp From a Template
- Create a vApp From an OVF Package
- Compose a vApp From Existing Virtual Machines
- Recompose a vApp to Add or Remove Virtual Machines
- Clone a vApp
- Capture a vApp as a Template
- Update vApp Access Controls
- Provide User Input Requested by a Virtual Machine
- Attach or Detach an Independent Disk
- Creating and Using vApp Snapshots
- Operate a vApp
- Configuring vApps and Virtual Machines
- Retrieve the Configuration Links for a vApp
- Retrieve the Configuration Links for a Virtual Machine
- Update Multiple Sections of a Virtual Machine
- Retrieve or Update a Modifiable Section
- Update a vApp Network Configuration
- Update the NetworkConnectionSection of a Virtual Machine
- Retrieve or Modify the CPU Configuration of a Virtual Machine
- Retrieve or Modify the GuestCustomizationSection of a Virtual Machine
- Retrieve or Modify ProductSection Elements
- Retrieve or Modify Groups of Related Sections in a Virtual Machine
- Retrieve or Modify the Hard Disk Configuration of a Virtual Machine
- Update the Storage Profile for a Virtual Machine
- Creating and Managing Organizations
- Summary of Administrative Requests
- Administrator Credentials and Privileges
- Organization Administration
- VDC Administration
- Network Administration
- Catalog Administration
- User and Group Administration
- Working With Roles and Rights
- Managing and Monitoring a Cloud
- Summary of System Administration Requests
- Retrieve or Update System Settings
- Attach a vCenter Server
- Finding Available vCenter Resources
- Create a Provider VDC
- Create an External Network
- Create a Network Pool
- Import a Virtual Machine from vCenter
- Relocate a Virtual Machine to a Different Datastore
- Truststore and Keytab Maintenance
- Retrieve the vSphere URL of an Object
- Working With Object Metadata
- Using the Query Service
- Configuring and Using Blocking Tasks and Notifications
- vCloud Director Extension Services
- XML Representations in the vCloud API
- Index
n
any resource defined by the service that created the ACL rule
Rights for specific entity types are specified in the following container elements:
ServiceResourceAccess
This specification is optional.
OrganizationAccess
Access for the organizations. This specification is required.
PrincipalAccess
Access control for users, or for any role that includes a specified right. This
specification is required.
If the Access element in any of these containers has the value Entity, the container must also include an
Entity element that provides a reference to a resource entity, organization, user, or right.
Table 11‑2. ACL Rules
Container Element
Access
Comments
ServiceResourceAccess
Shared The action is authorized for all resources in this resource class
Entity
The action is authorized for the service resource referenced in the Entity
element in this container.
OrganizationAccess
Shared The action is authorized for all members of the organization that owns the
resource.
Published The action is authorized for all members of any organization in the cloud.
Entity The action is authorized for members of the organization referenced in the
Entity element in this container.
PrincipalAccess
Shared The action is authorized for all users
Entity
The action is authorized for the User referenced in the Entity element in
this container, or for any role that includes the Right referenced in the
Entity element in this container.
A ResourceClassAction can include an arbitrary number of AclRule elements. The action is permitted if the
user or resource attempting the action matches any rule.
Prerequisites
Verify that you are logged in to the vCloud API as a system administrator.
Procedure
1 Retrieve the XML representation of the resource class action.
This request retrieves the XML representation of the resource class action created in “Example: Define
an Action for a Resource Class,” on page 345:
GET https://vcloud.example.com/api/admin/extension/service/resourceclassaction/268
2 Examine the response to find the Link for specifying ACL rules for the resource class action.
This Link has the following form:
<vcloud:Link
rel="add"
type="application/vnd.vmware.vcloud.query.aclRule+xml"
href="https://vcloud.example.com/api/admin/extension/service/resourceclassaction/268/aclrules
" />
3 Construct an AclRule element.
See the request portion of “Example: Define an ACL Rule for a Resource Class Action,” on page 348 for
information about the contents of this element.
Chapter 11 vCloud Director Extension Services
VMware, Inc. 347