On Tuesday, 4 February 2020 15:00:01 CET Pavel Nakonechnyi wrote: > > I am trying to achieve the following: > - create a regular user in oVirt environment; [DONE] > - grant full access to a particular VM; [DONE] > - grant privileges to create new VMs; [NOT OK] >
> > What permissions have to be granted to a user to be able to create disks? > > oVirt engine package version: 4.3.7.2-1.el7 I have a quite weird situation. If I add to a user SuperUser role, it becomes possible to suspend VMs and perform other actions. This is expected. However, when I "copy" SuperUser role with the same set of privileges under another name, and grant the user account with this new role, VMs can not be suspended with the same error as in the original message: Validation of action 'AddImageFromScratch' failed for user pavel@internal- authz. Reasons: VAR__TYPE__STORAGE__DOMAIN,NON_ADMIN_USER_NOT_AUTHORIZED_TO_PERFORM_ACTION_ON_HE Is it possible that oVrit checks "ADMIN" role by comparing its name? Anyway, what roles/permissions I should grant to a user if I want him to suspend a VM (a particular one)? I thought it is quite common scenario. _______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/WF6CD37CTYGK7K4G6ZFEEGVPX6LOA4IY/
