GeekAfterFive

Infrastructure as Code

home

Sharing vApps in vCloud with PowerCLI

26 Jun 2012

vCloud Director gives Organization users some granular control over what level of access users have to vApps, which can be controlled through the vCloud API and PowerCLI. The following code grabs a vApp's current access settings, and allows a user to modify the vApp.
# Get our required Objects
$vapp = Get-CIVApp "My vApp"
$user = Get-CIUser "UserToBeAdded"

# Access Level can be one of: ReadOnly,Change,FullControl
$accessLevel = "Change"

# Get current access policy from vApp
$access = $vapp.ExtensionData.GetControlAccess()

if (!$access.AccessSettings)
{
 $access.AccessSettings = New-Object VMware.VimAutomation.Cloud.Views.AccessSettings
}


# New Access object
$newAccess = new-object VMware.VimAutomation.Cloud.Views.AccessSetting
$newAccess.Subject = New-Object VMware.VimAutomation.Cloud.Views.Reference

# Set our access level
$newAccess.AccessLevel = $accessLevel

# Insert user href
$newAccess.Subject.Href = $user.ExtensionData.Href
$newAccess.Subject.Type = "application/vnd.vmware.admin.user+xml"

# Add new access to vApp access settings object
$access.AccessSettings.AccessSetting += $newAccess

#Send new Access config
$vapp.ExtensionData.ControlAccess($access)
You can also control the default access policy, as well as the level using: $access.IsSharedToEveryone and $access.EveryoneAccessLevel !!!
comments powered by Disqus