Hello,
We would like to apply differents permissions on specificy orgVDC owned by the same Org.
On GUI, the permissions seems only possible on Organization and not on the orgVDC.
Is there a way to do it ? API rest ? How ?
Best regards
Yes, it's possible. Check ControlAccessParams
vCloud Director API - VMware API Explorer - VMware {code}
A complete guide is on Tom's blog:
Organization VDC Permissions in vCloud Director – Tom Fojta's Blog
As far as I know, that's not possible. Roles and rights are assigned to organization and users and applied to general object types (all vApps, all VMs, all oVDCs, etc.). That means, you can only assign roles or permissions to tenants (organizations) or users, but not to oVDCs. And if you set the right to view the object type "oVDCs" in a role, all users with this role can see all oVDCs that belong to the corresponding organization. There is no mechanism for selecting "Allow view for oVDC X, Y and Z".
See: Managing Rights and Roles
Yes, it's possible. Check ControlAccessParams
vCloud Director API - VMware API Explorer - VMware {code}
A complete guide is on Tom's blog:
Organization VDC Permissions in vCloud Director – Tom Fojta's Blog
Thx you, i was testing it now.
Do you use it in production environment ?
Do you have REX from other SP ?
We currently have no vCD in productive operation.
We will switch over from VMware Integrated Openstack to vCD in Fall / Winter and currently evaluating.
Please be aware, that other ressources meight be unaffected from this setting.
Shared Networks from a different OrgVDC are still visible (and edit/deleteable) to the restricted user