Create Access
Set up access control for the subject on given domain on the namespace.
Request
URLURL
https://{api_host}/api/vcenter/namespaces/instances/{namespace}/access/{domain}/{subject}
Path Parameters
Path Parameters
string
namespace
Required
Identifier for the namespace. The parameter must be an identifier for the resource type: com.vmware.vcenter.namespaces.Instance.
string
domain
Required
The domain of the subject.
string
subject
Required
The principal for this operation.
Query Parameters
Query Parameters
Header Parameters
Header Parameters
string
vmware-api-session-id
Required
Required session ID, acquired from Create Session API under CIS product
vmware-api-session-id example
"b00db39f948d13ea1e59b4d6fce56389"
Request Body
Request Body
NamespacesAccessCreateSpec of mimetype application/json
Required
Information about the access control to be created.
{
"role": "OWNER"
}
role
Required
The Access.Role enumerated type lists the default roles which can be associated with a subject on a domain on the namespace.
OWNER : This role allows modification and deletion of the namespace.
EDIT : This role allows modification of the namespace.
VIEW : This is a read-only role on the namespace.
Possible values are: OWNER , EDIT , VIEW
Authentication
This operation uses the following authentication methods.
Errors
Errors
400
com.vmware.vapi.std.errors.already_exists : if the specified principal on given domain is already associated with a role on the namespace. | com.vmware.vapi.std.errors.not_allowed_in_current_state : if the namespace is marked for deletion or the associated cluster is being disabled.
403
com.vmware.vapi.std.errors.unauthorized : if the user does not have Namespaces.Configure privilege or the namespace identifier begins with “vmware-system” prefix.
500
com.vmware.vapi.std.errors.error : if the system reports an error while responding to the request.
default
‘Default’ means this response is used for all HTTP codes that are not covered individually for this operation.
Code Samples
PowerCLI Client SDK Example
$NamespacesAccessCreateSpec = Initialize-NamespacesAccessCreateSpec -Role "OWNER"
Invoke-CreateNamespaceDomainSubjectAccess -Namespace "MyNamespace" -Domain "MyDomain" -Subject "MySubject" -Type "USER" -NamespacesAccessCreateSpec $NamespacesAccessCreateSpec
cURL Command
curl -X POST -H "vmware-api-session-id: b00db39f948d13ea1e59b4d6fce56389" -H "Content-Type: application/json" -d '{"role":"OWNER"}' https://{api_host}/api/vcenter/namespaces/instances/{namespace}/access/{domain}/{subject}?type=string
Vendor Extensions
This operation contains the following vendor extensions defined in the spec:
x-vmw-doc-operation: create
Availability
Added in 7.0.0
