Permissions privileges control the assigning of roles and permissions.
You can set this privilege at different levels in the hierarchy. For example, if you set a privilege at the folder level, you can propagate the privilege to one or more objects within the folder. The object listed in the Required On column must have the privilege set, either directly or inherited.
| Privilege Name | Description | Required On |
|---|---|---|
| Allows defining one or more permission rules on an entity, or updating rules if rules are already present for the given user or group on the entity. To have permission to perform this operation, a user or group must have this privilege assigned in both the object and its parent object. |
Any object plus parent object |
|
| Allows modifying a privilege's group or description. No vSphere Web Client user interface elements are associated with this privilege. |
||
| Allows updating a role's name and the privileges that are associated with the role. |
Any object |
|
| Allows reassigning all permissions of a role to another role. |
Any object |
