Restrict access to own vms and vm disks

oschterhas

Oct 16, 2015
How can I set up permissions and privileges so that VM admin A can access, create or delete only his own VMs and VM disks, but not the ones of admin B?

With pools and the built-in roles, I manage to separate access to the VMs, but not to the storage: as soon as I add my Ceph storage to "PoolA", admin A can also access the disks for the VMs in PoolB and delete them for example.

In my pve/ceph test cluster I tried separate RBD storages for each admin (on the same ceph pool), but that didn't help. Creating a ceph pool for each admin would make no sense. So how do I do this?
 
Any user should not be able to delete disk images from the Storage view as long as there is a VM with a matching VM ID present.

If you want to completely separate the users on a Ceph RBD storage, you could take a look at RBD namespaces.

You can create a namespace for each user and a matching Storage configuration (Enable the advanced checkbox next to the ADD button). The namespace must be created manually on the CLI. See https://docs.ceph.com/en/latest/man/8/rbd/
For example:
Code:
rbd namespace create <pool>/<namespace>

For each namespace you can then add a new RBD storage to the local pool and specify the namespace in the advanced part of the dialog or with the --namespace parameter, should you prefer the pvesm CLI tool.
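The per-admin setup described in the reply above, as an added shell example that is not part of the original post or of the Proxmox project: one RBD namespace per VM admin, one RBD storage pointing at that namespace, and an ACL that grants the admin a datastore role only on their own storage. The pool name "ceph-vms", the user ids and the "rbd-<namespace>" storage id scheme are constructed for the example; `pvesm add rbd ... --namespace` and `pveum acl modify` are assumed to be available on the PVE version in use. It runs in dry-run mode (prints the commands) unless DRY_RUN=0 is set.

```shell
#!/bin/sh
# Added example, not the forum post's own commands: one RBD namespace and one
# matching Proxmox storage per VM admin, plus an ACL scoped to that storage.
# Assumptions: pool "ceph-vms", user ids and the "rbd-<ns>" storage id scheme
# are constructed; the pvesm/pveum invocations are assumed to match the
# installed PVE version. With DRY_RUN=1 (default) commands are only printed.
set -eu

DRY_RUN="${DRY_RUN:-1}"

# Derive an RBD namespace name from a PVE user id: drop the realm ("@pve"),
# lower-case it and replace anything outside [a-z0-9-] with '-', so the
# result is usable both as a namespace and as part of a storage id.
namespace_for_user() {
    printf '%s\n' "$1" | sed -e 's/@.*//' -e 's/[^A-Za-z0-9-]/-/g' | tr 'A-Z' 'a-z'
}

# Print a command, and execute it only when DRY_RUN=0.
run() {
    printf '+ %s\n' "$*"
    if [ "$DRY_RUN" = 0 ]; then "$@"; fi
}

# Create the namespace, the storage bound to it, and the ACL for one admin.
# Prints the resulting storage id as its last output line.
# usage: setup_admin_storage <ceph-pool> <pve-user>
setup_admin_storage() {
    pool="$1"
    user="$2"
    ns="$(namespace_for_user "$user")"
    storeid="rbd-${ns}"

    # 1. namespace inside the existing pool (the step the reply shows)
    run rbd namespace create "${pool}/${ns}"
    # 2. a separate RBD storage that only sees images in that namespace
    run pvesm add rbd "$storeid" --pool "$pool" --namespace "$ns" --content images
    # 3. the admin gets a datastore role on their own storage only; no ACL is
    #    set on the other admins' storages, so those stay invisible to them
    run pveum acl modify "/storage/${storeid}" --users "$user" --roles PVEDatastoreAdmin

    printf '%s\n' "$storeid"
}

# Stand-alone use: ./per_admin_rbd.sh ceph-vms admin-a@pve
if [ "$#" -ge 2 ]; then
    setup_admin_storage "$1" "$2"
fi
```

Run it once per admin (e.g. for admin-a@pve and admin-b@pve); each admin then sees only the storage whose namespace holds their disks, which is what the built-in pool roles alone cannot give you on a shared Ceph pool. Disk images already created on the shared storage have to be moved into the new namespaced storage before the old one is removed from the admin's pool.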