PowerCLI Reference

New-VIPermission

Synopsis

This cmdlet creates new permissions on the specified inventory objects for the provided users and groups in the role.

Syntax

New-VIPermission [-Principal] <VIAccount> [-Role] <Role> [-Entity] <VIObject> [-Propagate <Boolean>] [-Server <VIServer[]>] [-Confirm] [-WhatIf] [<CommonParameters>]

Related Commands

Online Version
Get-VIPermission
Remove-VIPermission
Set-VIPermission
Get-VIPrivilege
Get-VIRole
New-VIRole
Remove-VIRole
Set-VIRole

Detailed Description

This cmdlet creates new permissions on the specified inventory objects for the provided users and groups in the role. By default, new permissions are propagated down the hierarchy to sub-entities. You cannot create new permissions for the following objects: - direct child folders of a datacenter


- root resource pools of clusters and standalone hosts.


These objects always inherit the permissions of their parent.

Parameters

NameTypeDescriptionRequired?Pipeline InputDefault Value
PrincipalVIAccountSpecifies users and groups to which you want to apply the new permissions. If you specify principal names by using the "domain\name" syntax, wildcards are not supported. Passing multiple values to this parameter is obsolete.trueFalse
RoleRoleSpecifies the roles for which you want to create new permissions.trueFalse
EntityVIObjectSpecifies the inventory objects for which you want to create new permissions. Passing multiple values to this parameter is obsolete.trueTrue (ByValue)
ConfirmSwitchParameterIf the value is $true, indicates that the cmdlet asks for confirmation before running. If the value is $false, the cmdlet runs without asking for user confirmation.falseFalse
PropagateBooleanIndicates that you want to propagate the new permissions to the child inventory objects.falseFalse
ServerVIServer[]Specifies the vCenter Server systems on which you want to run the cmdlet. If no value is passed to this parameter, the command runs on the default servers. For more information about default servers, see the description of Connect-VIServer.falseFalse
WhatIfSwitchParameterIndicates that the cmdlet is run only to display the changes that would be made and actually no objects are modified.falseFalse

Return Type

The one or more newly created Permission objects

Notes

You can specify permissions to a datastore only on vSphere 4.1 and later.

Examples

-------------------------- Example 1 --------------------------

New-VIRole -Name Role -Server $server -Privilege (Get-VIPrivilege -PrivilegeGroup)

$permission = New-VIPermission -Role Role -Principal Administrator -Entity (Get-Datacenter)

Creates a permission on the provided server for a role with the specified privileges.


Copyright © VMware, Inc. All rights reserved.