Permissions privileges control the assigning of roles and permissions.

You can set this privilege at different levels in the hierarchy. For example, if you set a privilege at the folder level, you can propagate the privilege to one or more objects within the folder. The object listed in the Required On column must have the privilege set, either directly or inherited.

Table 1. Permissions Privileges
Privilege Name Description Required On
Permissions.Modify permission

Allows defining one or more permission rules on an entity, or updating rules if rules are already present for the given user or group on the entity.

To have permission to perform this operation, a user or group must have this privilege assigned in both the object and its parent object.

Any object plus parent object

Permissions.Modify privilege

Allows modifying a privilege's group or description.

No vSphere Client user interface elements are associated with this privilege.

Permissions.Modify role

Allows updating a role's name and the privileges that are associated with the role.

Any object

Permissions.Reassign role permissions

Allows reassigning all permissions of a role to another role.

Any object