The issue is kind of strange:
I'm using a service account to provision template using packer. This user, for debug purposes, is admin (is in a "service" group that has "/" administrator permissions)
I created a token for it with NO privilege separation, that works fine through packer (tho I am not certain how it is used by the builder).
using it to do some basic curl commands on the api endpoint does not work.
I created an api token to test on the root@pam user, and it works just fine (api token with no privilege separation also)
At this point the only difference between the two is their realm.
Attached are screenshots from the user configuration.
Any help would be appreciated
I'm using a service account to provision template using packer. This user, for debug purposes, is admin (is in a "service" group that has "/" administrator permissions)
I created a token for it with NO privilege separation, that works fine through packer (tho I am not certain how it is used by the builder).
using it to do some basic curl commands on the api endpoint does not work.
Code:
lanson@lead:~$ curl -H 'Authorization: PVEAPIToken=packer@pve!automation=redacted' https://proxmox.domain.tld/api2/json/nodes/pve01/qemu/9010 | jq .
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:03 --:--:-- 0I created an api token to test on the root@pam user, and it works just fine (api token with no privilege separation also)
Code:
lanson@lead:~$ curl -H 'Authorization: PVEAPIToken=root@pam!testing=redacted' https://proxmox.domain.tld/api2/json/nodes/pve01/qemu/9010 | jq .
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 362 100 362 0 0 3744 0 --:--:-- --:--:-- --:--:-- 3770
{
"data": [
...]
}At this point the only difference between the two is their realm.
Attached are screenshots from the user configuration.
Any help would be appreciated
Attachments
Last edited: