proxmox-mirrors/pve-docs
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-docs synced 2025-04-29 10:40:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pveum: add intro to 'limited API Token' section

Browse Source 
Add a short introduction to the section "Limited API Token for
Monitoring", to provide some context

Signed-off-by: Dylan Whyte <d.whyte@proxmox.com>
This commit is contained in:
Dylan Whyte 2021-10-01 17:30:50 +02:00 committed by Thomas Lamprecht
parent 9694224859
commit a13a971d00
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pveum.adoc
View File

@ -793,7 +793,13 @@ members of the group `customers` and within the realm `pve`.
Limited API Token for Monitoring
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Given a user `joe@pve`, with the PVEVMAdmin role on all VMs:
Permissions on API tokens are always a subset of those of their corresponding
user, meaning that an API token can't be used to carry out a task that the
backing user has no permission to do. This section will demonstrate how you can
use an API token with separate privileges, to limit the token owner's
permissions further.
Give the user `joe@pve` the role PVEVMAdmin on all VMs:
[source,bash]
pveum acl modify /vms -user joe@pve -role PVEVMAdmin