Creating the admin.readonly user

A user with the admin.readonly role has "read-only" access to all platform functions available to the administrator. Such a user cannot change settings or perform operations on the platform and its entities - virtual machines, clusters, networks, etc. For example, a user with this role can be created to collect platform metrics via API.

Note

The admin.readonly user can only interact with the platform via API. Creation and authorization of a user with this role is not available in the platform interface.

Creation steps:

1. Get an authorization token:

   curl -k -X POST -H "accept: application/json" -H "Content-Type: application/json" 'https://domain.com/auth/v4/public/token' -d '{"email": "admin_email", "password": "admin_pass"}'

   CODE
    Comments to the command

   domain.com — domain name or IP address of the server with the platform
   

   admin_email — platform administrator's email

   admin_pass — platform administrator's password

   In response, you will get the message in the form:

   Example of response in JSON

   {
     "confirmed": true,
     "expires_at": null,
     "id": "6",
     "token": "4-e9726dd9-61d9-2940-add3-914851d2cb8a"
   }

   CODE

   Save the received token value.

2. Execute the command:

   Example of the command

   curl -k -o- -H "Host: domain.com" -d '{"email": "user@example.com", "password": "pswd", "role": "@admin.readonly"}' -# https://domain.com/vm/v3/account -H "x-xsrf-token: token"

   CODE
    Comments to the command

   domain.com — domain name of the server with VMmanager

   user@example.com —  user еmail

   pswd — user password

   token — authorization token