administration-guide.rst: add role definitions

This commit is contained in:
Dietmar Maurer 2020-05-02 16:40:20 +02:00
parent 8f3b3cc1f9
commit 8df51d4852

View File

@ -258,10 +258,48 @@ Or completely remove the users with:
# proxmox-backup-manager user remove john@pbs
Access Control
~~~~~~~~~~~~~~
Users do not have any permission by default. Instead you need to
specify what is allowed and what not. You can do this by assigning
roles to users on specific objects like datastores or remotes. The
following roles exist:
**Admin**
The Administrator can do anything.
**Audit**
An Auditor can view things, but is not allowed to change settings.
**NoAccess**
Disable Access - nothing is allowed.
**DatastoreAdmin**
Can do anything on datastores.
**DatastoreAudit**
Can view datastore settings and list content. But
is not allowed to read the actual data.
**DataStoreReader**
Can Inspect datastore content and can do restores.
**DataStoreBackup**
Can backup and restore owned backups.
**DatastorePowerUser**
Can backup, restore, and prune owned backups.
**RemoteAdmin**
Can do anything on remotes.
**RemoteAudit**
Can view remote settings.
**RemoteSyncOperator**
Is allowed to read data from a remote.
Backup Client usage