Get-VIPrivilegeReport Command | Vmware PowerCLI Reference

Get-VIPrivilegeReport

This cmdlet records the privilege checks that occur for the specified sessions during the execution of a specified script block. The vCenter Server systems on which the script block is executed must be managed within the script block.

Syntax

Get-VIPrivilegeReport
-ScriptBlock < ScriptBlock >
[-ProgressAction < ActionPreference > ]
[-Server < VIServer[] > ]
[CommonParameters]

Parameters

Required Parameter Name Type Position Features Description
required
 ScriptBlock ScriptBlock named
  • pipeline
 Specifies the script block to be executed to collect required privileges. The vCenter Server systems on which the script block is executed must be managed within the script block.
optional ProgressAction ActionPreference named
optional Server VIServer[] named
Specifies the vCenter Server systems on which you want to collect a privilege report. If no value is provided or $null value is passed to this parameter, the command runs on the default servers. For more information about default servers, see the description of Connect-VIServer.

Output

VMware.VimAutomation.ViCore.Types.V1.PermissionManagement.PrivilegeCheck

Examples

Example 1 

PS C:\> $scriptBlock = {
   #Try to limit the content of the script block only to the cmdlet calls you need to record
   $myVM = Get-VM myVM
   Start-VM $myVm -Confirm:$false
}
PS C:\> $privReport = Get-VIPrivilegeReport -ScriptBlock $scriptBlock
PS C:\> $entity = @{l="VIObject";e={Get-VIObjectByVIView -MORef $_.EntityMoRef -Server $_.Server}}
PS C:\> $privReport | Select-Object EntityId, $entity, Principal, Privilege | Format-Table -AutoSize

EntityId                       Entity                     Principal                   Privilege
--------                       ------                     ---------                   ---------
vim.Datacenter-datacenter-3    Datacenter                 [email protected] System.View
vim.Datastore-datastore-12     Storage1                   [email protected] System.Read
vim.ComputeResource-domain-s10 192.168.1.1                [email protected] System.Read
vim.ComputeResource-domain-s10 192.168.1.1                [email protected] System.View
vim.Folder-group-d1            Datacenters                [email protected] System.View
vim.Folder-group-v1015         vCLS                       [email protected] System.View
vim.Folder-group-v8            Discovered virtual machine [email protected] System.View
vim.VirtualMachine-vm-1011     myVM                       [email protected] System.Read
vim.VirtualMachine-vm-1011     myVM                       [email protected] System.View
vim.VirtualMachine-vm-1011     myVM                       [email protected] VirtualMachine.Interact.PowerOn

First, retrieves privilege checks from the connected vCenter Server systems. Then, enhances the report with the VIObjects retrieved from the EntityMoRef property of the retrieved PrivilegeCheck objects, when there is an equivalent high-level object available in PowerCLI.

Related Commands

VIPrivilege

This cmdlet retrieves the privilege groups and items for the provided servers.

VIPrivilegeReport

This cmdlet records the privilege checks that occur for the specified sessions during the execution of a specified script block.