7.7. Templates and Permissions

7.7.2. Template Administrator Roles Explained

The table below describes the administrator roles and privileges applicable to template administration.

Table 7.1. Red Hat Virtualization System Administrator Roles

Role Privileges Notes
TemplateAdmin Can perform all operations on templates. Has privileges to create, delete and configure a template's storage domain and network details, and to move templates between domains.
NetworkAdmin Network Administrator Can configure and manage networks attached to templates.

7.7.3. Template User Roles Explained

The table below describes the user roles and privileges applicable to using and administrating templates in the User Portal.

Table 7.2. Red Hat Virtualization Template User Roles

Role Privileges Notes
TemplateCreator Can create, edit, manage and remove virtual machine templates within assigned resources. The TemplateCreator role is not applied to a specific template; apply this role to a user for the whole environment with the Configure window. Alternatively apply this role for specific data centers, clusters, or storage domains.
TemplateOwner Can edit and delete the template, assign and manage user permissions for the template. The TemplateOwner role is automatically assigned to the user who creates a template. Other users who do not have TemplateOwner permissions on a template cannot view or use the template.
UserTemplateBasedVm Can use the template to create virtual machines. Cannot edit template properties.
VnicProfileUser Logical network and network interface user for templates. If the Allow all users to use this Network option was selected when a logical network is created, VnicProfileUser permissions are assigned to all users for the logical network. Users can then attach or detach template network interfaces to or from the logical network.

7.7.4. Assigning an Administrator or User Role to a Resource

Assign administrator or user roles to resources to allow users to access or manage that resource.

Procedure 7.10. Assigning a Role to a Resource

  1. Use the resource tabs, tree mode, or the search function to find and select the resource in the results list.
  2. Click the Permissions tab in the details pane to list the assigned users, the user's role, and the inherited permissions for the selected resource.
  3. Click Add.
  4. Enter the name or user name of an existing user into the Search text box and click Go. Select a user from the resulting list of possible matches.
  5. Select a role from the Role to Assign: drop-down list.
  6. Click OK.
You have assigned a role to a user; the user now has the inherited permissions of that role enabled for that resource.

7.7.5. Removing an Administrator or User Role from a Resource

Remove an administrator or user role from a resource; the user loses the inherited permissions associated with the role for that resource.

Procedure 7.11. Removing a Role from a Resource

  1. Use the resource tabs, tree mode, or the search function to find and select the resource in the results list.
  2. Click the Permissions tab in the details pane to list the assigned users, the user's role, and the inherited permissions for the selected resource.
  3. Select the user to remove from the resource.
  4. Click Remove. The Remove Permission window opens to confirm permissions removal.
  5. Click OK.
You have removed the user's role, and the associated permissions, from the resource.