June 26, 2012

Sharing vApps in vCloud with PowerCLI

By Jake

vCloud Director gives Organization users some granular control over what level of access users have to vApps, which can be controlled through the vCloud API and PowerCLI.

The following code grabs a vApp’s current access settings, and allows a user to modify the vApp.


# Get our required Objects
$vapp = Get-CIVApp "My vApp"
$user = Get-CIUser "UserToBeAdded"

# Access Level can be one of: ReadOnly,Change,FullControl
$accessLevel = "Change"

# Get current access policy from vApp
$access = $vapp.ExtensionData.GetControlAccess()

if (!$access.AccessSettings)
{
 $access.AccessSettings = New-Object VMware.VimAutomation.Cloud.Views.AccessSettings
}


# New Access object
$newAccess = new-object VMware.VimAutomation.Cloud.Views.AccessSetting
$newAccess.Subject = New-Object VMware.VimAutomation.Cloud.Views.Reference

# Set our access level
$newAccess.AccessLevel = $accessLevel

# Insert user href
$newAccess.Subject.Href = $user.ExtensionData.Href
$newAccess.Subject.Type = "application/vnd.vmware.admin.user+xml"

# Add new access to vApp access settings object
$access.AccessSettings.AccessSetting += $newAccess

#Send new Access config
$vapp.ExtensionData.ControlAccess($access)

You can also control the default access policy, as well as the level using: $access.IsSharedToEveryone and $access.EveryoneAccessLevel !!!

About these ads
This entry was posted on Tuesday, June 26th, 2012 at 3:38 pm and tagged with , , , , , , and posted in PowerCLI, vCloud, vmware. You can follow any responses to this entry through the RSS 2.0 feed.

One Response to “Sharing vApps in vCloud with PowerCLI”

  • Karsten Bundgaard
    June 27th, 2012 at 5:42 am

    Hi Jake
    Will this be okay, i made it as a function :

    Function Sharing-CIVapp {
    # examble of sharing a vApp Sharing-CIVapp -user mars01 -vapp mars01 -accessLevel FullControl
    Param (
    $user=$(throw “need -user”),
    $vApp=$(throw “need -vApp”),
    $accessLevel=$(throw “need -accessleve Like ReadOnly, Change, FullControl”)
    )
    Process {
    $vappOrg = Get-CIVApp $vApp
    $user1 = Get-CIUser $user
    $accessLevel = “FullControl”
    $access = $vappOrg.ExtensionData.GetControlAccess()

    if (!$access.AccessSettings)
    {
    $access.AccessSettings = New-Object VMware.VimAutomation.Cloud.Views.AccessSettings
    }
    $newAccess = new-object VMware.VimAutomation.Cloud.Views.AccessSetting
    $newAccess.Subject = New-Object VMware.VimAutomation.Cloud.Views.Reference
    $newAccess.AccessLevel = $accessLevel
    $newAccess.Subject.Href = $user1.ExtensionData.Href
    $newAccess.Subject.Type = “application/vnd.vmware.admin.user+xml”
    $access.AccessSettings.AccessSetting += $newAccess
    $vappOrg.ExtensionData.ControlAccess($access)
    }
    }

    It works like a charm, thanks to you :-)

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 884 other followers

%d bloggers like this: