7.7. Templates and Permissions
7.7.2. Template Administrator Roles Explained
The table below describes the administrator roles and privileges applicable to template administration.
| Role | Privileges | Notes |
|---|---|---|
| TemplateAdmin | Can perform all operations on templates. | Has privileges to create, delete and configure a template's storage domain and network details, and to move templates between domains. |
| NetworkAdmin | Network Administrator | Can configure and manage networks attached to templates. |
7.7.3. Template User Roles Explained
The table below describes the user roles and privileges applicable to using and administrating templates in the User Portal.
| Role | Privileges | Notes |
|---|---|---|
| TemplateCreator | Can create, edit, manage and remove virtual machine templates within assigned resources. | The TemplateCreator role is not applied to a specific template; apply this role to a user for the whole environment with the Configure window. Alternatively apply this role for specific data centers, clusters, or storage domains. |
| TemplateOwner | Can edit and delete the template, assign and manage user permissions for the template. | The TemplateOwner role is automatically assigned to the user who creates a template. Other users who do not have TemplateOwner permissions on a template cannot view or use the template. |
| UserTemplateBasedVm | Can use the template to create virtual machines. | Cannot edit template properties. |
| VnicProfileUser | Logical network and network interface user for templates. | If the Allow all users to use this Network option was selected when a logical network is created, VnicProfileUser permissions are assigned to all users for the logical network. Users can then attach or detach template network interfaces to or from the logical network. |
7.7.4. Assigning an Administrator or User Role to a Resource
Assign administrator or user roles to resources to allow users to access or manage that resource.
Procedure 7.10. Assigning a Role to a Resource
- Use the resource tabs, tree mode, or the search function to find and select the resource in the results list.
- Click the tab in the details pane to list the assigned users, the user's role, and the inherited permissions for the selected resource.
- Click .
- Enter the name or user name of an existing user into the Search text box and click . Select a user from the resulting list of possible matches.
- Select a role from the Role to Assign: drop-down list.
- Click .
You have assigned a role to a user; the user now has the inherited permissions of that role enabled for that resource.
7.7.5. Removing an Administrator or User Role from a Resource
Remove an administrator or user role from a resource; the user loses the inherited permissions associated with the role for that resource.
Procedure 7.11. Removing a Role from a Resource
- Use the resource tabs, tree mode, or the search function to find and select the resource in the results list.
- Click the tab in the details pane to list the assigned users, the user's role, and the inherited permissions for the selected resource.
- Select the user to remove from the resource.
- Click . The Remove Permission window opens to confirm permissions removal.
- Click .
You have removed the user's role, and the associated permissions, from the resource.
