Re: [Users] API read-only access / roles
On Mon, 2013-11-18 at 16:46 +0100, Sander Grendelman wrote:
I'm working on (Zabbix) monitoring through the RESTful API.
Very nice - do you use my check_rhev3 Nagios plugin
(https://github.com/ovido/check_rhev3) or are you working on
your own script?
Which role should I assign to the monitoring user?
The user only needs read access to the data but it looks like
I nead to assign at least an "Admin" role to the user to be
able to read data through the API.
For this I've created a "AdminLoginOnly" role that only has
System->Configure System->Login Permissions access.
Is this the way to go for this king of configuration? Or is there
a way to further minimize the permissions of this user?
I create a custom role with these permissions for Nagios monitoring,
too.
I was thinking that in oVirt 3.3 there should be a predefined
viewers-role, but can't find it in my setup :(
Another issue is that a "Login" event is generated every time
the user connects through the API. This makes the "Events"
pane less useful / readable. Is there a way to disable this for
some users/roles?
It depends if you have your own script or check_rhev3:
- check_rhev3 1.2: use option -o
- check_rhev3 1.3: you should not see any login information in this
version anymore
- custom script: see this page on information how to use the JSESSIONID
cookie: http://www.ovirt.org/Features/RESTSessionManagement
Regards,
René
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users