Hi,
We are building application to manage VMs on a PVE cluster. This application is supposed to be limited to a specific VM pool, so it is granted PVEVMAdmin role on that pool.
When I am trying to list VMs currently in the pool I get permission error:
Is this what is supposed to happen? I would rather not give Pool.Allocate permissions to the application just to be able to list the VMs.
Is the only other way to get this list to query each cluster node separately for all VMs running there and filter by the pool?
We are building application to manage VMs on a PVE cluster. This application is supposed to be limited to a specific VM pool, so it is granted PVEVMAdmin role on that pool.
When I am trying to list VMs currently in the pool I get permission error:
Code:
$ curl -ki -b "PVEAuthCookie=..." https://vc3n1.int.axeos.nl:8006/api2/json/pools/NAME
HTTP/1.1 403 Permission check failed (/pool/NAME, Pool.Allocate)
Cache-Control: max-age=0
Connection: close
Date: Thu, 30 Jan 2020 08:04:06 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Content-Length: 13
Content-Type: application/json;charset=UTF-8
Expires: Thu, 30 Jan 2020 08:04:06 GMT
{"data":null}Is this what is supposed to happen? I would rather not give Pool.Allocate permissions to the application just to be able to list the VMs.
Is the only other way to get this list to query each cluster node separately for all VMs running there and filter by the pool?
