Create Access
Set up access control for the subject on given domain on the namespace.
Request
URLURL
Path Parameters
Path Parameters
Identifier for the namespace. The parameter must be an identifier for the resource type: com.vmware.vcenter.namespaces.Instance.
The domain of the subject.
The principal for this operation.
Query Parameters
Query Parameters
Header Parameters
Header Parameters
Required session ID, acquired from Create Session API under CIS product
vmware-api-session-id example
"b00db39f948d13ea1e59b4d6fce56389"
Request Body
Information about the access control to be created.
{
"role": "OWNER"
}
The Access.Role enumerated type lists the default roles which can be associated with a subject on a domain on the namespace.
OWNER : This role allows modification and deletion of the namespace.
EDIT : This role allows modification of the namespace.
VIEW : This is a read-only role on the namespace.
Possible values are: OWNER , EDIT , VIEW
UUID of an external identity provider for the user, if any. Use this field if the user is coming from an external identity provider configured via the com.vmware.vcenter.namespace_management.supervisors.identity.Providers service. If unset, vCenter Single Sign-On will be used as the identity provider. When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.vcenter.namespace_management.identity.Provider. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.vcenter.namespace_management.identity.Provider.
Authentication
Errors
Errors
com.vmware.vapi.std.errors.already_exists : if the specified principal on given domain is already associated with a role on the namespace. | com.vmware.vapi.std.errors.not_allowed_in_current_state : if the namespace is marked for deletion or the associated cluster is being disabled. | com.vmware.vapi.std.errors.invalid_argument : if spec contains any errors or if an invalid type is specified. | com.vmware.vapi.std.errors.unsupported : if the specified principal on given domain is not associated with the namespace, or when the user or group does not come from vSphere SSO and the OWNER role is being granted.
com.vmware.vapi.std.errors.unauthorized : if the user does not have Namespaces.Configure privilege or the namespace identifier begins with “vmware-system” prefix.
com.vmware.vapi.std.errors.error : if the system reports an error while responding to the request.
‘Default’ means this response is used for all HTTP codes that are not covered individually for this operation.
Code Samples
PowerCLI Client SDK Example
PowerCLI Client SDK All Parameters Example
cURL Command
Vendor Extensions
x-vmw-doc-operation: create