ONE 5.0: Enable a user to create VNET

DaD · June 24, 2016, 12:44pm

Hello,

We setup a new ONE 5.0 to test our integration and are facing an issue with VNET creation.

I reproduce the same ACL as on our 4.14.2 ONE:

#7 NET/@101 ADMIN+CREATE *

This should permit user with ID 7 (jenkins) to create and administrate virtual networks of group 101.

But the API call returns that my user does not have ADMIN CLUSTER.

Looking at the API interface, I don’t see why I need this right.

Any idea?

Regards.

DaD · June 24, 2016, 12:45pm

I don’t see any difference with 4.14 permissions.

cmartin · June 27, 2016, 10:06am

Hi,

The problem is that the vnet is added to the default cluster, and that action requires ADMIN CLUSTER. I’ll update the documentation to reflect this.

DaD · June 28, 2016, 11:41am

Ok, so I only need to add ADMIN CLUSTER for cluster ID 0 to my user.

But this enable much more right than I may want one.cluster.delete CLUSTER:ADMIN.

This looks like my jenkins could delete cluster 0

Regards.

Topic		Replies	Views
ONE-5.02 All virtual networks shown to user (in cloud view) while it shouldn't Community Support	4	606	September 16, 2016
Sunstone Virtual Network in user view Community Support	0	754	September 22, 2017
How to allow VDC admin to create Virtual Network Community Support	5	861	May 7, 2018
VNET template and cluster IDs Community Support	3	468	February 26, 2021
ONE 5.0.1 - Networking best practice Community Support	5	1024	July 19, 2016