Created
September 2, 2019 19:24
-
-
Save laidbackware/5ff62422243c165775484b39e9084044 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ssl, atexit, os, time, sys | |
| try: | |
| from pyVim import connect | |
| except: | |
| from pyvim import connect | |
| from pyVmomi import vim | |
| from getpass import getpass | |
| try: | |
| vc_fqdn = sys.argv[1] | |
| except IndexError: | |
| print('You must add the vCenter hostname\nFor example python vm_reported.py vcsa.home.local') | |
| sys.exit() | |
| vc_user = '[email protected]' | |
| #vc_user = input('Please enter the vCenter user name with SSO admin permission:\n') | |
| vc_pass = getpass() | |
| ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) | |
| ssl_context.verify_mode = ssl.CERT_NONE | |
| si = connect.SmartConnect(host=vc_fqdn, user=vc_user, pwd=vc_pass, port=443, sslContext=ssl_context) | |
| atexit.register(connect.Disconnect, si) | |
| content = si.RetrieveContent() | |
| content.authorizationManager.roleList # Return all permissions from a vCenter | |
| perms_to_add_65 = ['Global.ManageCustomFields', 'Extension.Register', 'Datastore.FileManagement', 'Network.Assign', | |
| 'Datastore.AllocateSpace', 'Datastore.Browse', 'Datastore.DeleteFile', 'Datastore.UpdateVirtualMachineFiles', | |
| 'Folder.Create', 'Folder.Delete', 'Folder.Move', 'Folder.Rename', 'InventoryService.Tagging.CreateTag', | |
| 'InventoryService.Tagging.DeleteTag', 'InventoryService.Tagging.EditTag', 'Resource.AssignVMToPool', 'Resource.ColdMigrate', | |
| 'Resource.HotMigrate', 'VirtualMachine.Config.AddExistingDisk', 'VirtualMachine.Config.AddNewDisk', | |
| 'VirtualMachine.Config.AddRemoveDevice', 'VirtualMachine.Config.AdvancedConfig', 'VirtualMachine.Config.CPUCount', | |
| 'VirtualMachine.Config.Resource', 'VirtualMachine.Config.ManagedBy', 'VirtualMachine.Config.ChangeTracking', | |
| 'VirtualMachine.Config.DiskLease', 'VirtualMachine.Config.MksControl', 'VirtualMachine.Config.DiskExtend', | |
| 'VirtualMachine.Config.Memory', 'VirtualMachine.Config.EditDevice', 'VirtualMachine.Config.RawDevice', | |
| 'VirtualMachine.Config.ReloadFromPath', 'VirtualMachine.Config.RemoveDisk', 'VirtualMachine.Config.Rename', | |
| 'VirtualMachine.Config.ResetGuestInfo', 'VirtualMachine.Config.Annotation', 'VirtualMachine.Config.Settings', | |
| 'VirtualMachine.Config.SwapPlacement', 'VirtualMachine.Config.Unlock', 'VirtualMachine.Config.UpgradeVirtualHardware', | |
| 'VirtualMachine.Interact.AnswerQuestion', 'VirtualMachine.Interact.SetCDMedia', 'VirtualMachine.Interact.DeviceConnection', | |
| 'VirtualMachine.Interact.PowerOff', 'VirtualMachine.Interact.PowerOn', 'VirtualMachine.Interact.Reset', | |
| 'VirtualMachine.Interact.Suspend', 'VirtualMachine.Interact.ToolsInstall', 'VirtualMachine.Inventory.CreateFromExisting', | |
| 'VirtualMachine.Inventory.Create', 'VirtualMachine.Inventory.Move', 'VirtualMachine.Inventory.Delete', | |
| 'VirtualMachine.Provisioning.DiskRandomAccess', 'VirtualMachine.Provisioning.DiskRandomRead', | |
| 'VirtualMachine.Provisioning.GetVmFiles', 'VirtualMachine.Provisioning.PutVmFiles', | |
| 'VirtualMachine.Provisioning.CloneTemplate', 'VirtualMachine.Provisioning.Clone', 'VirtualMachine.Provisioning.Customize', | |
| 'VirtualMachine.Provisioning.DeployTemplate', 'VirtualMachine.Provisioning.MarkAsTemplate', | |
| 'VirtualMachine.Provisioning.MarkAsVM', 'VirtualMachine.Provisioning.ModifyCustSpecs', | |
| 'VirtualMachine.Provisioning.PromoteDisks', 'VirtualMachine.Provisioning.ReadCustSpecs', | |
| 'VirtualMachine.State.CreateSnapshot', 'VirtualMachine.State.RemoveSnapshot', 'VirtualMachine.State.RenameSnapshot', | |
| 'VirtualMachine.State.RevertToSnapshot', 'VApp.Import', 'VApp.ApplicationConfig', 'Global.SetCustomField', | |
| 'Host.Inventory.EditCluster', 'VirtualMachine.Inventory.Register', 'VirtualMachine.Inventory.Unregister', | |
| 'VirtualMachine.Interact.ConsoleInteract', 'VirtualMachine.Interact.GuestControl', | |
| 'VirtualMachine.Interact.DefragmentAllDisks', 'VirtualMachine.GuestOperations.Query', | |
| 'VirtualMachine.GuestOperations.Modify', 'VirtualMachine.GuestOperations.Execute'] | |
| perms_to_add_67 = ['Global.ManageCustomFields', 'Extension.Register', 'Datastore.FileManagement', 'Network.Assign', | |
| 'Datastore.AllocateSpace', 'Datastore.Browse', 'Datastore.DeleteFile', 'Datastore.UpdateVirtualMachineFiles', | |
| 'Folder.Create', 'Folder.Delete', 'Folder.Move', 'Folder.Rename', 'InventoryService.Tagging.CreateTag', | |
| 'InventoryService.Tagging.DeleteTag', 'InventoryService.Tagging.EditTag', 'Resource.AssignVMToPool', 'Resource.ColdMigrate', | |
| 'Resource.HotMigrate', 'VirtualMachine.Config.AddExistingDisk', 'VirtualMachine.Config.AddNewDisk', | |
| 'VirtualMachine.Config.AddRemoveDevice', 'VirtualMachine.Config.AdvancedConfig', 'VirtualMachine.Config.CPUCount', | |
| 'VirtualMachine.Config.Resource', 'VirtualMachine.Config.ManagedBy', 'VirtualMachine.Config.ChangeTracking', | |
| 'VirtualMachine.Config.DiskLease', 'VirtualMachine.Config.MksControl', 'VirtualMachine.Config.DiskExtend', | |
| 'VirtualMachine.Config.Memory', 'VirtualMachine.Config.EditDevice', 'VirtualMachine.Config.RawDevice', | |
| 'VirtualMachine.Config.ReloadFromPath', 'VirtualMachine.Config.RemoveDisk', 'VirtualMachine.Config.Rename', | |
| 'VirtualMachine.Config.ResetGuestInfo', 'VirtualMachine.Config.Annotation', 'VirtualMachine.Config.Settings', | |
| 'VirtualMachine.Config.SwapPlacement', 'VirtualMachine.Config.UpgradeVirtualHardware', | |
| 'VirtualMachine.Interact.AnswerQuestion', 'VirtualMachine.Interact.SetCDMedia', 'VirtualMachine.Interact.DeviceConnection', | |
| 'VirtualMachine.Interact.PowerOff', 'VirtualMachine.Interact.PowerOn', 'VirtualMachine.Interact.Reset', | |
| 'VirtualMachine.Interact.Suspend', 'VirtualMachine.Interact.ToolsInstall', 'VirtualMachine.Inventory.CreateFromExisting', | |
| 'VirtualMachine.Inventory.Create', 'VirtualMachine.Inventory.Move', 'VirtualMachine.Inventory.Delete', | |
| 'VirtualMachine.Provisioning.DiskRandomAccess', 'VirtualMachine.Provisioning.DiskRandomRead', | |
| 'VirtualMachine.Provisioning.GetVmFiles', 'VirtualMachine.Provisioning.PutVmFiles', | |
| 'VirtualMachine.Provisioning.CloneTemplate', 'VirtualMachine.Provisioning.Clone', 'VirtualMachine.Provisioning.Customize', | |
| 'VirtualMachine.Provisioning.DeployTemplate', 'VirtualMachine.Provisioning.MarkAsTemplate', | |
| 'VirtualMachine.Provisioning.MarkAsVM', 'VirtualMachine.Provisioning.ModifyCustSpecs', | |
| 'VirtualMachine.Provisioning.PromoteDisks', 'VirtualMachine.Provisioning.ReadCustSpecs', | |
| 'VirtualMachine.State.CreateSnapshot', 'VirtualMachine.State.RemoveSnapshot', 'VirtualMachine.State.RenameSnapshot', | |
| 'VirtualMachine.State.RevertToSnapshot', 'VApp.Import', 'VApp.ApplicationConfig', 'Global.SetCustomField', | |
| 'Host.Inventory.EditCluster', 'VirtualMachine.Inventory.Register', 'VirtualMachine.Inventory.Unregister', | |
| 'VirtualMachine.Interact.ConsoleInteract', 'VirtualMachine.Interact.GuestControl', | |
| 'VirtualMachine.Interact.DefragmentAllDisks', 'VirtualMachine.GuestOperations.Query', | |
| 'VirtualMachine.GuestOperations.Modify', 'VirtualMachine.GuestOperations.Execute'] | |
| role_name = input('Please input the name to use for the Role:\n') | |
| # perm_response = content.authorizationManager.AddAuthorizationRole(role_name, perms_to_add_67) | |
| role_id = content.authorizationManager.AddAuthorizationRole(role_name) | |
| #temp_role_id = content.authorizationManager.AddAuthorizationRole('bosh_temp_merger') | |
| print(role_id) | |
| for permission in perms_to_add_65: | |
| try: | |
| mapped_permissions = content.authorizationManager.RetrieveRolePermissions(role_id) | |
| print(mapped_permissions) | |
| mapped_permissions.append(permission) | |
| print(mapped_permissions) | |
| content.authorizationManager.UpdateAuthorizationRole(role_id, role_name, mapped_permissions) | |
| #content.authorizationManager.MergePermissions(role_id, temp_role_id) | |
| except Exception as e: | |
| print(e) | |
| #content.authorizationManager.RemoveAuthorizationRole(temp_role_id, False) | |
| #'VirtualMachine.Config.Unlock', |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment