Re: [ovirt-users] Users/Groups Permissions

Tue, 06 Mar 2018 00:28:40 -0800 

On 03/05/2018 10:42 AM, markus.schauf...@ooe.gv.at wrote:

Hi!

Still new to oVirt and got another question:
I have many Windows and Linux VMs and created for each the Windows and Linux machines two Usergroups (limited and admins).
Now I want to grant the groups according permissions to according VMs. How can I do this without clicking through every VM manually (e.g. by mark several vms in the UI and manage their permissions or via CLI)? 

You can use our Python SDK, please see below example:


https://github.com/oVirt/ovirt-engine-sdk/blob/master/sdk/examples/assign_permission_to_vms.py

Or you can use Ansible if you are familiar with it:


http://docs.ansible.com/ansible/latest/ovirt_permissions_module.html#examples

The playbook would look like:

 ---
- hosts: localhost
  connection: local
  vars:
     username: admin@internal
     password: thepassowrd
     insecure: True
     url: https://ovirt.example.com/ovirt-engine/api

  tasks:
  - name: Obtain SSO token
    ovirt_auth:
      url: "{{ url }}"
      username: "{{ username }}"
      password: "{{ password }}"
      insecure: "{{ insecure }}"

  - name: Add permissions to user
    ovirt_permissions:
      auth: "{{ ovirt_auth }}"
      user_name: user2
      authz_name: internal-authz
      object_type: vm
      object_name: "{{ item }}"
      role: UserVmManager
    with_items:
      - myvm1
      - myvm2
      - myvm3

  - name: Revoke SSO token
    ovirt_auth:
      state: absent
      ovirt_auth: "{{ ovirt_auth }}"



Many thanks in advance,

*Markus Schaufler, MSc*

Amt der Oö. Landesregierung
Direktion Präsidium

Abteilung Informationstechnologie

Referat ST3 Server

A-4021 Linz, Kärntnerstraße 16

*Tel.:*+43 (0)732 7720 – 13138

*Fax:*+43 (0)732 7720 - 213255

*email:*markus.schauf...@ooe.gv.at <mailto:markus.schauf...@ooe.gv.at>
*Internet:*www.land-oberoesterreich.gv.at <http://www.land-oberoesterreich.gv.at/> 

*DVR:*0069264
Der Austausch von Nachrichten mit o.a. Absender via e-mail dient ausschließlich Informationszwecken. Rechtsgültige Erklärungen dürfen über dieses Medium nur an das offizielle Postfach it.p...@ooe.gv.at <mailto:it.p...@ooe.gv.at> übermittelt werden. 



_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Reply via email to