[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-API] User Based Access Control



Cloudstack/Cloudplatform does something like this.
 
XenServer itself doesn't have the necessary information in the datamodel: a VM 
doesn't have an "owner". Therefore XenServer's existing RBAC feature can't do 
what you want at present.

It might be less work to add the feature to XenServer than to implement it by 
writing new gateway software that mediates between the users and XenServer... 
but it sounds as if Olivier is adding it to his existing gateway/mediator 
software Xen-Orchestra.


> -----Original Message-----
> From: xen-api-bounces@xxxxxxxxxxxxx [mailto:xen-api-bounces@xxxxxxxxxxxxx]
> On Behalf Of Olivier Lambert
> Sent: 25 February 2015 12:12 PM
> To: Shiva Bhanujan
> Cc: xen-api@xxxxxxxxxxxxxxxxxxxx
> Subject: Re: [Xen-API] User Based Access Control
> 
> Hi,
> 
> https://xen-orchestra.com/blog/xo-4-x-starts-to-show-up/
> 
> It actually works and we are in closed Beta so far. I will create a
> small video to show you how it works.
> 
> Should be out to the end of the month.
> 
> Regards,
> 
> 
> Olivier.
> 
> On Wed, Feb 18, 2015 at 7:55 PM, Shiva Bhanujan <sxb075@xxxxxxxxx> wrote:
> > Hello,
> >
> > I'm trying to figure out if we can have a mechanism such that when user A
> > creates a VM, or a network or any object from dom0, another user B would
> not
> > have any access to objects created by user A.  Is there such a mechanism
> > available?
> >
> > I've looked at the RBAC mechanism in PAM, and Xen Orchestra, but I doubt
> if
> > they address this need.  Is anybody aware of anything that might satisfy
> > this need?
> >
> > Regards,
> > Shiva
> >
> >
> > _______________________________________________
> > Xen-api mailing list
> > Xen-api@xxxxxxxxxxxxx
> > http://lists.xen.org/cgi-bin/mailman/listinfo/xen-api
> >
> 
> _______________________________________________
> Xen-api mailing list
> Xen-api@xxxxxxxxxxxxx
> http://lists.xen.org/cgi-bin/mailman/listinfo/xen-api

_______________________________________________
Xen-api mailing list
Xen-api@xxxxxxxxxxxxx
http://lists.xen.org/cgi-bin/mailman/listinfo/xen-api


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.