PVE/PBS Backup/Restore/Delete Permissions

[ManFriday]

Hey everyone,

We’re in a situation where we’d like to give a group of admins the ability to back up and restore their own VMs, but not the ability to delete backups from the repository.

I haven’t been able to configure the permissions to make that work. Is it safe to say that if users have the ability to back up/restore, they will also have the ability to delete backups?

If it’s not possible to achieve the above, an alternative would be to allow file-level restores without giving them full VM backup/restore permissions.

However, it seems that to view the backups on disk, they need the Datastore.AllocateSpace and VM.Backup permissions, where I thought Datastore.Audit would be enough. Is there something I’m missing here?

 

[nosoop4u]

In order to keep users from accessing each other's backups, each needs to be assigned to their own namespace. Note: one downside to this is that the namespace is a level of granularity for PBS deduplication, so if there is a lot of shared data between users, your dedupe rate will not be as effective.

Then, give each user DatastoreBackup and DatastoreReader Access Roles, and set the path to their namespace under the backup datastore.

They should then only see their own backups, and be able to restore/audit/verify, but not delete, those backups.

 

[ManFriday]

Ahh, I was trying to give them the ability to do this from the ProxMox PVE interface.
I hadn't even considered giving them access to the PBS server itself.

 

[_gabriel]

you can't backup and restore from PBS.

you need create a PBS user with only backup rights which used PVE side when adding PBS to PVE, this will prevent any deletions from PVE.

+ You PVE user require some rights too, to datastore, to all or specific VMs id, like privileges VM.Backup, Datastore.Audit to allow File Restore.