[Users] API read-only access / roles
René Koch (ovido)
r.koch at ovido.at
Mon Nov 18 16:18:34 UTC 2013
On Mon, 2013-11-18 at 16:46 +0100, Sander Grendelman wrote:
> I'm working on (Zabbix) monitoring through the RESTful API.
Very nice - do you use my check_rhev3 Nagios plugin
(https://github.com/ovido/check_rhev3) or are you working on
your own script?
>
> Which role should I assign to the monitoring user?
>
> The user only needs read access to the data but it looks like
> I nead to assign at least an "Admin" role to the user to be
> able to read data through the API.
>
> For this I've created a "AdminLoginOnly" role that only has
> System->Configure System->Login Permissions access.
>
> Is this the way to go for this king of configuration? Or is there
> a way to further minimize the permissions of this user?
I create a custom role with these permissions for Nagios monitoring,
too.
I was thinking that in oVirt 3.3 there should be a predefined
viewers-role, but can't find it in my setup :(
>
> Another issue is that a "Login" event is generated every time
> the user connects through the API. This makes the "Events"
> pane less useful / readable. Is there a way to disable this for
> some users/roles?
It depends if you have your own script or check_rhev3:
- check_rhev3 1.2: use option -o
- check_rhev3 1.3: you should not see any login information in this
version anymore
- custom script: see this page on information how to use the JSESSIONID
cookie: http://www.ovirt.org/Features/RESTSessionManagement
Regards,
René
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
More information about the Users
mailing list