Authorization Manager Remove Entity Permission
Removes a permission rule from an entity.
This will fail with an InvalidArgument fault if called on: the direct child folders of a datacenter managed object, the root resource pool of a ComputeResource or ClusterComputeResource, or a HostSystem that is part of a ComputeResource (Stand-alone Host). These objects always have the same permissions as their parent.
This will fail with an InvalidArgument fault if called on a fault-tolerance (FT) secondary VirtualMachine. Such a VirtualMachine always has the same permissions as its FT primary VirtualMachine.
The unique identifier for the managed object to which the method attaches; the serialized managed object reference for a request has the form moType/moId
, in this case AuthorizationManager/{moId}
.
The vSphere release schema. The current specification covers vSphere 8.0.2.0 APIs.
{
"entity": {
"_typeName": "string",
"type": "string",
"value": "string"
},
"user": "string",
"isGroup": false
}
User or group for which the permission is defined.
True, if user refers to a group name; false, for a user name.
No Content
NotFound: if a permission for this entity and user or group does not exist.
AuthMinimumAdminPermission: if this change would leave the system with no Administrator permission on the root node.
InvalidArgument: if one of the new role IDs is the View or Anonymous role, or the entity does not support removing permissions.
NoPermission: if current session does not have any privilege in the permission to be removed or "Authorization.ModifyPermissions" privilege on the entity.
{
"_typeName": "string",
"faultCause": "MethodFault Object",
"faultMessage": [
{
"_typeName": "string",
"key": "string",
"arg": [
{
"_typeName": "string",
"key": "string",
"value": {
"_typeName": "string"
}
}
],
"message": "string"
}
]
}