Hi folks, we are doing some tests with VMware and User ACLs.
Currently we can usage TAGs to restrict users to access some components in VMware Infrastructure (folders, vms, datastore), but I did not found how to TAG VLAN networks (Port Groups created in vSwitch).
Could someone have any idea howto do it ?
Best regards
Carlos
As far as I know VLANs (portgroups) cannot be tagged, only switches.
Hi @xian , thanks for your information.
Well, is there any other way to restrict the VLANs ?
Best regards
Carlos
VLANs can definitely be tagged, though maybe not from the UI. See the following:
$evm = MiqAeMethodService::MiqAeService.new(MiqAeEngine::MiqAeWorkspaceRuntime.new)
lans = $evm.vmdb(:lan).all.select { |lan| lan.name.downcase.exclude? 'dmz' }
lans.each do |lan|
lan.tag_unassign('network_purpose')
lan.tag_unassign('environment')
id = get_vlanid(lan.name)
next if id.nil? || id.zero?
vlan_tags.each do |role, env_hash|
env_hash.each do |env, vlans|
if vlans.include?(id)
lan.tag_assign("network_purpose/#{role}")
lan.tag_assign("environment/#{env}")
end
end
end
endThank you !!! I will try do some tests⌠Is it planned to be supported by Gui interface!?
best regards
Carlos
Where do I put this code?