Permissions
Permissions are the associations of roles
with privileges on a specified managed entity. You use permissions to specify
which users can access which managed entity.
A child entity inherits the permissions of its
parent if the parent’s
propagate
property is set to
true. A permission that is set directly on a child overrides the permission in
the parent. To grant permission to all child entities of a
Datacenter
object, assign
permissions to the
Datacenter
object and set the
Permission
object’s
propagate
property to
true
.
Figure 1
shows that users
root
and
vpxuser
both have permissions on
the
rootFolder
of the inventory.
The vpxuser
is the account created on
a host by the vCenter Server system when that host is added to the vCenter
Server system. The vCenter Server system needs access to the inventory objects
of the host systems that it manages, so the
vpxuser
account is granted
privileges to the
rootFolder
of each host.
See
Authentication and Authorization
for a detailed discussion of privileges, permissions, and user management.
Inventory and Permissions
