Last active
July 22, 2021 11:40
-
-
Save thecloudxpert/dd2ad62ba315c9f38e5c41fc85c1be86 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $vcenter = Read-Host -Prompt "Enter the FQDN of the vCenter Server" | |
| $sso_user = Read-Host -Prompt "Enter the SSO Admin User" | |
| $sso_password = Read-Host -assecurestring -Prompt "Enter the SSO Admin Password" | |
| $vra_privileges = @( | |
| "ContentLibrary.AddLibraryItem", | |
| "ContentLibrary.CreateLocalLibrary", | |
| "ContentLibrary.DeleteLibraryItem", | |
| "ContentLibrary.DeleteLocalLibrary", | |
| "ContentLibrary.DeleteSubscribedLibrary", | |
| "ContentLibrary.DownloadSession", | |
| "ContentLibrary.EvictLibraryItem", | |
| "ContentLibrary.EvictSubscribedLibrary", | |
| "ContentLibrary.ProbeSubscription", | |
| "ContentLibrary.ReadStorage", | |
| "ContentLibrary.SyncLibraryItem", | |
| "ContentLibrary.SyncLibrary", | |
| "ContentLibrary.UpdateConfiguration", | |
| "ContentLibrary.UpdateSession", | |
| "ContentLibrary.UpdateLibrary", | |
| "ContentLibrary.UpdateLibraryItem", | |
| "ContentLibrary.UpdateLocalLibrary", | |
| "ContentLibrary.UpdateSubscribedLibrary", | |
| "ContentLibrary.GetConfiguration", | |
| "Datastore.AllocateSpace", | |
| "Datastore.Browse", | |
| "Datastore.FileManagement", | |
| "StoragePod.Config", | |
| "Folder.Create", | |
| "Folder.Delete", | |
| "Global.ManageCustomFields", | |
| "Global.SetCustomField", | |
| "Global.SystemTag", | |
| "Global.GlobalTag", | |
| "Network.Assign", | |
| "Authorization.ModifyPermissions", | |
| "Resource.AssignVMToPool", | |
| "Resource.HotMigrate", | |
| "Resource.ColdMigrate", | |
| "StorageProfile", | |
| "vApp.Import", | |
| "vApp.ApplicationConfig", | |
| "VirtualMachine.Inventory.CreateFromExisting", | |
| "VirtualMachine.Inventory.Create", | |
| "VirtualMachine.Inventory.Delete", | |
| "VirtualMachine.Inventory.Move", | |
| "VirtualMachine.Interact.SetCDMedia", | |
| "VirtualMachine.Interact.PowerOn", | |
| "VirtualMachine.Interact.PowerOff", | |
| "VirtualMachine.Interact.ConsoleInteract", | |
| "VirtualMachine.Interact.Suspend", | |
| "VirtualMachine.Interact.Reset", | |
| "VirtualMachine.Interact.ToolsInstall", | |
| "VirtualMachine.Interact.DeviceConnection", | |
| "VirtualMachine.Config.AddExistingDisk", | |
| "VirtualMachine.Config.AddNewDisk", | |
| "VirtualMachine.Config.AddRemoveDevice", | |
| "VirtualMachine.Config.RemoveDisk", | |
| "VirtualMachine.Config.AdvancedConfig", | |
| "VirtualMachine.Config.CPUCount", | |
| "VirtualMachine.Config.Resource", | |
| "VirtualMachine.Config.DiskExtend", | |
| "VirtualMachine.Config.ChangeTracking", | |
| "VirtualMachine.Config.Memory", | |
| "VirtualMachine.Config.EditDevice", | |
| "VirtualMachine.Config.Rename", | |
| "VirtualMachine.Config.Annotation", | |
| "VirtualMachine.Config.Settings", | |
| "VirtualMachine.Config.SwapPlacement", | |
| "VirtualMachine.Provisioning.Customize", | |
| "VirtualMachine.Provisioning.CloneTemplate", | |
| "VirtualMachine.Provisioning.Clone", | |
| "VirtualMachine.Provisioning.DeployTemplate", | |
| "VirtualMachine.Provisioning.ReadCustSpecs", | |
| "VirtualMachine.State.CreateSnapshot", | |
| "VirtualMachine.State.RevertToSnapshot", | |
| "VirtualMachine.State.RemoveSnapshot" | |
| ) | |
| Function ConnectToVI ([string]$Name, [string]$User, [SecureString]$Password) | |
| { | |
| $Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $Password | |
| Do { | |
| Start-Sleep -s 5 | |
| $Con = Connect-VIServer $Name -Credential $Credential -Force -ErrorAction SilentlyContinue | |
| } Until ($Con.IsConnected -eq $True) | |
| Write-Host "$Name connected - Success" -ForeGroundColor Green | |
| } | |
| Write-Host "Connecting to $vCenter" -ForeGroundColor Yellow | |
| ConnectToVI $vCenter $sso_user $sso_password | |
| $role = Read-Host -Prompt "Enter the name for the new vCenter role" | |
| try { | |
| Write-Host "Creating the $role role" -ForeGroundColor Yellow | |
| New-VIRole -Name $role -Privilege (Get-VIPrivilege -id $vRA_Privileges) -ErrorAction Stop | Out-Null | |
| Write-Host "Create $role - Success" | |
| } catch { | |
| Write-Host "Unable to create the $role role" -ForeGroundColor Red | |
| Write-Host $_.Exception.Message | |
| Write-Host $_.Exception.ItemName | |
| Break | |
| } | |
| $vra_user = Read-Host -Prompt "Enter the name of the VRA User (<domain>\<user>)" | |
| try { | |
| Write-Host "Set Permissions for $vra_user using the new $role Role" -ForeGroundColor Yellow | |
| $rootFolder = Get-Folder -NoRecursion | |
| New-VIPermission -entity $rootFolder -Principal $vra_user -Role $role -Propagate:$true -ErrorAction Stop| Out-Null | |
| Write-Host "Assign $role to $vra_user - Success" -ForeGroundColor Green | |
| } catch { | |
| Write-Host "Unable to assigne $role to $vra_user" -ForeGroundColor Red | |
| Write-Host $_.Exception.Message | |
| Write-Host $_.Exception.ItemName | |
| Break | |
| } | |
| Write-Host "Disconnecting from vCenter at $vCenter" -ForeGroundColor Yellow | |
| Disconnect-VIServer $vCenter -Confirm:$false |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment