Created
September 2, 2019 19:24
-
-
Save laidbackware/5ff62422243c165775484b39e9084044 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ssl, atexit, os, time, sys | |
| try: | |
| from pyVim import connect | |
| except: | |
| from pyvim import connect | |
| from pyVmomi import vim | |
| from getpass import getpass | |
| try: | |
| vc_fqdn = sys.argv[1] | |
| except IndexError: | |
| print('You must add the vCenter hostname\nFor example python vm_reported.py vcsa.home.local') | |
| sys.exit() | |
| vc_user = 'administrator@vsphere.local' | |
| #vc_user = input('Please enter the vCenter user name with SSO admin permission:\n') | |
| vc_pass = getpass() | |
| ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) | |
| ssl_context.verify_mode = ssl.CERT_NONE | |
| si = connect.SmartConnect(host=vc_fqdn, user=vc_user, pwd=vc_pass, port=443, sslContext=ssl_context) | |
| atexit.register(connect.Disconnect, si) | |
| content = si.RetrieveContent() | |
| content.authorizationManager.roleList # Return all permissions from a vCenter | |
| perms_to_add_65 = ['Global.ManageCustomFields', 'Extension.Register', 'Datastore.FileManagement', 'Network.Assign', | |
| 'Datastore.AllocateSpace', 'Datastore.Browse', 'Datastore.DeleteFile', 'Datastore.UpdateVirtualMachineFiles', | |
| 'Folder.Create', 'Folder.Delete', 'Folder.Move', 'Folder.Rename', 'InventoryService.Tagging.CreateTag', | |
| 'InventoryService.Tagging.DeleteTag', 'InventoryService.Tagging.EditTag', 'Resource.AssignVMToPool', 'Resource.ColdMigrate', | |
| 'Resource.HotMigrate', 'VirtualMachine.Config.AddExistingDisk', 'VirtualMachine.Config.AddNewDisk', | |
| 'VirtualMachine.Config.AddRemoveDevice', 'VirtualMachine.Config.AdvancedConfig', 'VirtualMachine.Config.CPUCount', | |
| 'VirtualMachine.Config.Resource', 'VirtualMachine.Config.ManagedBy', 'VirtualMachine.Config.ChangeTracking', | |
| 'VirtualMachine.Config.DiskLease', 'VirtualMachine.Config.MksControl', 'VirtualMachine.Config.DiskExtend', | |
| 'VirtualMachine.Config.Memory', 'VirtualMachine.Config.EditDevice', 'VirtualMachine.Config.RawDevice', | |
| 'VirtualMachine.Config.ReloadFromPath', 'VirtualMachine.Config.RemoveDisk', 'VirtualMachine.Config.Rename', | |
| 'VirtualMachine.Config.ResetGuestInfo', 'VirtualMachine.Config.Annotation', 'VirtualMachine.Config.Settings', | |
| 'VirtualMachine.Config.SwapPlacement', 'VirtualMachine.Config.Unlock', 'VirtualMachine.Config.UpgradeVirtualHardware', | |
| 'VirtualMachine.Interact.AnswerQuestion', 'VirtualMachine.Interact.SetCDMedia', 'VirtualMachine.Interact.DeviceConnection', | |
| 'VirtualMachine.Interact.PowerOff', 'VirtualMachine.Interact.PowerOn', 'VirtualMachine.Interact.Reset', | |
| 'VirtualMachine.Interact.Suspend', 'VirtualMachine.Interact.ToolsInstall', 'VirtualMachine.Inventory.CreateFromExisting', | |
| 'VirtualMachine.Inventory.Create', 'VirtualMachine.Inventory.Move', 'VirtualMachine.Inventory.Delete', | |
| 'VirtualMachine.Provisioning.DiskRandomAccess', 'VirtualMachine.Provisioning.DiskRandomRead', | |
| 'VirtualMachine.Provisioning.GetVmFiles', 'VirtualMachine.Provisioning.PutVmFiles', | |
| 'VirtualMachine.Provisioning.CloneTemplate', 'VirtualMachine.Provisioning.Clone', 'VirtualMachine.Provisioning.Customize', | |
| 'VirtualMachine.Provisioning.DeployTemplate', 'VirtualMachine.Provisioning.MarkAsTemplate', | |
| 'VirtualMachine.Provisioning.MarkAsVM', 'VirtualMachine.Provisioning.ModifyCustSpecs', | |
| 'VirtualMachine.Provisioning.PromoteDisks', 'VirtualMachine.Provisioning.ReadCustSpecs', | |
| 'VirtualMachine.State.CreateSnapshot', 'VirtualMachine.State.RemoveSnapshot', 'VirtualMachine.State.RenameSnapshot', | |
| 'VirtualMachine.State.RevertToSnapshot', 'VApp.Import', 'VApp.ApplicationConfig', 'Global.SetCustomField', | |
| 'Host.Inventory.EditCluster', 'VirtualMachine.Inventory.Register', 'VirtualMachine.Inventory.Unregister', | |
| 'VirtualMachine.Interact.ConsoleInteract', 'VirtualMachine.Interact.GuestControl', | |
| 'VirtualMachine.Interact.DefragmentAllDisks', 'VirtualMachine.GuestOperations.Query', | |
| 'VirtualMachine.GuestOperations.Modify', 'VirtualMachine.GuestOperations.Execute'] | |
| perms_to_add_67 = ['Global.ManageCustomFields', 'Extension.Register', 'Datastore.FileManagement', 'Network.Assign', | |
| 'Datastore.AllocateSpace', 'Datastore.Browse', 'Datastore.DeleteFile', 'Datastore.UpdateVirtualMachineFiles', | |
| 'Folder.Create', 'Folder.Delete', 'Folder.Move', 'Folder.Rename', 'InventoryService.Tagging.CreateTag', | |
| 'InventoryService.Tagging.DeleteTag', 'InventoryService.Tagging.EditTag', 'Resource.AssignVMToPool', 'Resource.ColdMigrate', | |
| 'Resource.HotMigrate', 'VirtualMachine.Config.AddExistingDisk', 'VirtualMachine.Config.AddNewDisk', | |
| 'VirtualMachine.Config.AddRemoveDevice', 'VirtualMachine.Config.AdvancedConfig', 'VirtualMachine.Config.CPUCount', | |
| 'VirtualMachine.Config.Resource', 'VirtualMachine.Config.ManagedBy', 'VirtualMachine.Config.ChangeTracking', | |
| 'VirtualMachine.Config.DiskLease', 'VirtualMachine.Config.MksControl', 'VirtualMachine.Config.DiskExtend', | |
| 'VirtualMachine.Config.Memory', 'VirtualMachine.Config.EditDevice', 'VirtualMachine.Config.RawDevice', | |
| 'VirtualMachine.Config.ReloadFromPath', 'VirtualMachine.Config.RemoveDisk', 'VirtualMachine.Config.Rename', | |
| 'VirtualMachine.Config.ResetGuestInfo', 'VirtualMachine.Config.Annotation', 'VirtualMachine.Config.Settings', | |
| 'VirtualMachine.Config.SwapPlacement', 'VirtualMachine.Config.UpgradeVirtualHardware', | |
| 'VirtualMachine.Interact.AnswerQuestion', 'VirtualMachine.Interact.SetCDMedia', 'VirtualMachine.Interact.DeviceConnection', | |
| 'VirtualMachine.Interact.PowerOff', 'VirtualMachine.Interact.PowerOn', 'VirtualMachine.Interact.Reset', | |
| 'VirtualMachine.Interact.Suspend', 'VirtualMachine.Interact.ToolsInstall', 'VirtualMachine.Inventory.CreateFromExisting', | |
| 'VirtualMachine.Inventory.Create', 'VirtualMachine.Inventory.Move', 'VirtualMachine.Inventory.Delete', | |
| 'VirtualMachine.Provisioning.DiskRandomAccess', 'VirtualMachine.Provisioning.DiskRandomRead', | |
| 'VirtualMachine.Provisioning.GetVmFiles', 'VirtualMachine.Provisioning.PutVmFiles', | |
| 'VirtualMachine.Provisioning.CloneTemplate', 'VirtualMachine.Provisioning.Clone', 'VirtualMachine.Provisioning.Customize', | |
| 'VirtualMachine.Provisioning.DeployTemplate', 'VirtualMachine.Provisioning.MarkAsTemplate', | |
| 'VirtualMachine.Provisioning.MarkAsVM', 'VirtualMachine.Provisioning.ModifyCustSpecs', | |
| 'VirtualMachine.Provisioning.PromoteDisks', 'VirtualMachine.Provisioning.ReadCustSpecs', | |
| 'VirtualMachine.State.CreateSnapshot', 'VirtualMachine.State.RemoveSnapshot', 'VirtualMachine.State.RenameSnapshot', | |
| 'VirtualMachine.State.RevertToSnapshot', 'VApp.Import', 'VApp.ApplicationConfig', 'Global.SetCustomField', | |
| 'Host.Inventory.EditCluster', 'VirtualMachine.Inventory.Register', 'VirtualMachine.Inventory.Unregister', | |
| 'VirtualMachine.Interact.ConsoleInteract', 'VirtualMachine.Interact.GuestControl', | |
| 'VirtualMachine.Interact.DefragmentAllDisks', 'VirtualMachine.GuestOperations.Query', | |
| 'VirtualMachine.GuestOperations.Modify', 'VirtualMachine.GuestOperations.Execute'] | |
| role_name = input('Please input the name to use for the Role:\n') | |
| # perm_response = content.authorizationManager.AddAuthorizationRole(role_name, perms_to_add_67) | |
| role_id = content.authorizationManager.AddAuthorizationRole(role_name) | |
| #temp_role_id = content.authorizationManager.AddAuthorizationRole('bosh_temp_merger') | |
| print(role_id) | |
| for permission in perms_to_add_65: | |
| try: | |
| mapped_permissions = content.authorizationManager.RetrieveRolePermissions(role_id) | |
| print(mapped_permissions) | |
| mapped_permissions.append(permission) | |
| print(mapped_permissions) | |
| content.authorizationManager.UpdateAuthorizationRole(role_id, role_name, mapped_permissions) | |
| #content.authorizationManager.MergePermissions(role_id, temp_role_id) | |
| except Exception as e: | |
| print(e) | |
| #content.authorizationManager.RemoveAuthorizationRole(temp_role_id, False) | |
| #'VirtualMachine.Config.Unlock', |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment