From 15529abbed2cb838fd58a2a77638683aecdc6f19 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Tue, 9 Jul 2019 02:02:09 +0530 Subject: [PATCH] [2.8] VMware: Warn user about dvswitch permissions (#58758) Warn user that permissions for a distributed switch must be defined and managed on either the datacenter or a folder containing the switch. (cherry picked from commit 5e2471485ae78410271e790514a038eaee4d60f0) Signed-off-by: Abhijeet Kasurde --- .../fragments/58579-vmware_object_role_perm_fix.yml | 2 ++ .../cloud/vmware/vmware_object_role_permission.py | 9 ++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/58579-vmware_object_role_perm_fix.yml diff --git a/changelogs/fragments/58579-vmware_object_role_perm_fix.yml b/changelogs/fragments/58579-vmware_object_role_perm_fix.yml new file mode 100644 index 00000000000..c41df0d652a --- /dev/null +++ b/changelogs/fragments/58579-vmware_object_role_perm_fix.yml @@ -0,0 +1,2 @@ +minor_changes: + - Warn user about Distributed vSwitch permission in vmware_object_role_permission (https://github.com/ansible/ansible/issues/55248). diff --git a/lib/ansible/modules/cloud/vmware/vmware_object_role_permission.py b/lib/ansible/modules/cloud/vmware/vmware_object_role_permission.py index fb0add51dc5..4eb7de19464 100644 --- a/lib/ansible/modules/cloud/vmware/vmware_object_role_permission.py +++ b/lib/ansible/modules/cloud/vmware/vmware_object_role_permission.py @@ -27,7 +27,8 @@ author: - Joseph Andreatta (@vmwjoseph) notes: - Tested on ESXi 6.5, vSphere 6.7 - - Be sure that the ESXi user used for login, has the appropriate rights to administer permissions + - The ESXi login user must have the appropriate rights to administer permissions. + - Permissions for a distributed switch must be defined and managed on either the datacenter or a folder containing the switch. requirements: - "python >= 2.7" - PyVmomi @@ -220,6 +221,12 @@ class VMwareObjectRolePermission(PyVmomi): msg="Specified object %s of type %s was not found." % (self.params['object_name'], self.params['object_type']) ) + if self.params['object_type'] == 'DistributedVirtualSwitch': + msg = "You are applying permissions to a Distributed vSwitch. " \ + "This will probably fail, since Distributed vSwitches inherits permissions " \ + "from the datacenter or a folder level. " \ + "Define permissions on the datacenter or the folder containing the switch." + self.module.warn(msg) def main():