Users with the Administrator role can obtain information about Permission objects at different levels of detail.

• For an array of Permission objects, call the AuthorizationManager.RetrieveAllPermissions method.
• For specific inventory objects, such as managed entities, folders, datacenters, or virtual services, call the AuthorizationManager.RetrieveEntityPermissions method.
• For a role defined in the system, call the AuthorizationManager.RetrieveRolePermissions method.

See the vSphere API Reference.