Permissions for accessing Qemu agent info

[jtracy]

I am trying figure out what permission is need to access the agent info through the PVE API. I have a users that is setup wit the role of PVEAuditor and can access what agent info is available through /api2/json/nodes/{node}/qemu/{vmid}/agent. But if I try and access info such as the network interface information through /api2/json/nodes/{node}/qemu/{vmid}/agent/network-get-interfaces I end up with a 403. I have been searching all morning trying to figure out which permissions grant that but can't seem to find it anywhere. Does anyone know what controls access to these agent URLs?

 

[dcsapak]

check the api viewer here: https://pve.proxmox.com/pve-docs/api-viewer/

 

[jtracy]

Thanks.

I see that it requires VM.Monitor which states it grants access to VM monitor (kvm). Is there a document that states what api functions this permission has access to? Some sort of reverse mapping?