Hi all,
I'm working on a Proxmox setup involving delegated backup responsibilities across different users/teams and have encountered a few limitations around permissions and access control. I’d appreciate any insights on the following:
1. Backup Job Restrictions:
I want users to be able to set up scheduled backup jobs for their assigned VMs—similar to how it's done via Datacenter → Backup → Add, where they select VMs and set the schedule.
Currently, this seems to require granting Sys.Modify at the datacenter level, which also allows users to view and edit all backup jobs, including those created by other teams.
For now, users can perform manual backups by going to VM → Backup → Backup Now, but I want to enable scheduled jobs limited to their own VMs.
Question: Is there a way to allow users to create and manage backup jobs only for their own VMs, without giving broad access at the datacenter level?
2. Console Access:
I also want to give certain users access to the console and GUI of specific VMs and possibly the host level, without giving them broad permissions.
Question: What's the recommended way to grant console access for individual VMs and nodes?
I'm following the official docs here: https://pve.proxmox.com/wiki/User_Management#Permission_Management_and_Privileges
Any guidance is appreciated. Thanks in Advance!
I'm working on a Proxmox setup involving delegated backup responsibilities across different users/teams and have encountered a few limitations around permissions and access control. I’d appreciate any insights on the following:
1. Backup Job Restrictions:
I want users to be able to set up scheduled backup jobs for their assigned VMs—similar to how it's done via Datacenter → Backup → Add, where they select VMs and set the schedule.
Currently, this seems to require granting Sys.Modify at the datacenter level, which also allows users to view and edit all backup jobs, including those created by other teams.
For now, users can perform manual backups by going to VM → Backup → Backup Now, but I want to enable scheduled jobs limited to their own VMs.
Question: Is there a way to allow users to create and manage backup jobs only for their own VMs, without giving broad access at the datacenter level?
2. Console Access:
I also want to give certain users access to the console and GUI of specific VMs and possibly the host level, without giving them broad permissions.
Question: What's the recommended way to grant console access for individual VMs and nodes?
I'm following the official docs here: https://pve.proxmox.com/wiki/User_Management#Permission_Management_and_Privileges
Any guidance is appreciated. Thanks in Advance!
