4:06 p.m.
Hi,
When creating a new data-center, a management network is created for it.
By default the created management network is defined as VM network.
I'd like to consult from permissions perspective, what is the preferred
permission settings for that network.
The network is defined as management network, therefore it is designed
be used by VMs. However, the admin should grant permissions on that
networks to the target users (which one might find tedious).
We can grant permission on that network to 'everyone' with role
'NetworkUser', but in case the admin doesn't meant this network to be
used, the permission should be removed.
In 'Add Logical Network' dialog I've added a new checkbox to allow
granting 'everyone' a role for using that network ('NetworkUser').
We can embrace same method in 'Add Data-Center' dialog.
Thoughts ?
Thanks,
Moti
11:51 a.m.
On 10/12/12 16:06, Moti Asayag wrote:
Hi,
When creating a new data-center, a management network is created for it.
By default the created management network is defined as VM network.
I'd like to consult from permissions perspective, what is the preferred
permission settings for that network.
The network is defined as management network, therefore it is designed
be used by VMs.
I think you meant that the management network is marked by default as a
VM network and therefor is available for usage within the VMs.
However, the admin should grant permissions on that
networks to the target users (which one might find tedious).
I'm in favor of keeping this behavior, I think that by default the
management network should not be available to users unless explicitly a
permission was added by the admin.
We can grant permission on that network to 'everyone' with
role
'NetworkUser', but in case the admin doesn't meant this network to be
used, the permission should be removed.
In 'Add Logical Network' dialog I've added a new checkbox to allow
granting 'everyone' a role for using that network ('NetworkUser').
We can embrace same method in 'Add Data-Center' dialog.
That's an interesting option I'd wait with adding this until we get some
feedback from the users on the usage of network permissions.
Thoughts ?
Thanks,
Moti
_______________________________________________
Engine-devel mailing list
Engine-devel(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-devel
4355
days inactive
4361
days old
1 comments
2 participants
participants (2)
-
Livnat Peer -
Moti Asayag