Question

RBAC question. A user needs multiple types of access to PC controlled cluster


Badge

As an example, I have a set of users, all of which need full view access (no console).  However, a subset of those users need console access to a subset of VMs.  I”m not sure how this might be implemented.  We are running 5.20.2.01.  I’m not quite sure how to implement.


3 replies

Userlevel 3
Badge +3

Hello!

Please check my article. I hope it can answer some of your questions. It’s in Russian, but you can find google translate button in the bottom corner: User access control in Nutanix Prism Central

I think you need two roles, one with VM console access and one without it. And spread your users across both groups as required.

Badge

Many thanks for the information.  It was very helpful. 

I’m still struggling a bit with this scenario.

I have 4 users: A, B. C, D.  All of them need full read access to just about everything.

However A, B need console access to  a subset of consoles.  I guess I would need to roles: on for A,B and one for C,D?  I may have been over thinking this.

Badge

So A,B need read access to everything including VMs in addition to console access to only a subset of VMs..  C and D only need read access.  I’m trying to figure how how A and B can get console access to the vms then need but still “see” the other VMs.

Reply