[PVE-User] Restricting users to only interacting with their own created VMs?
harrim4n at harrim4n.com
Sat Dec 18 11:40:43 CET 2021
the only "built-in" way that I know of is to use resource pools.
Basically you create a resource pool for each user and they only have
access to create VMs in that pool. All other users don't have access to
that pool, so they can't access the VMs.
You could probably also figure out a way to automatically manage the
permissions via the API, i.e., detect which user cloned a VM via the
clone task, then automatically remove access for that specific VM ID for
all other users (or set the default so that no one has access
permissions and only grant them for that specific user). Although I'm
not sure of the top of my head if the permissions can be set up so that
users can clone a VM/template to create a new one without requiring
access to it.
On 18.12.21 07:27, Victor Hooi via pve-user wrote:
> We have a test environment setup with various shared templates (e.g.
> Windows 7, Windows 8.1, Windows 10) etc.
> We have a number of users who login, clone those templates, and do their
> own testing on their own VMs.
> What's the easiest way to restrict users to only interacting with VMs
> created by themselves?
> pve-user mailing list
> pve-user at lists.proxmox.com
More information about the pve-user