Skip to content

Group Permissions

There are two roles within a project: admins and non-admins.
Especially for SimpleVM projects, these roles play an expanded role in resource usage authorization.

An admin generally has all rights, not limited to own resources (like vms).
Non-admins are generally only allowed to modify their own resources - unless they have been explicitly granted access.
SimpleVM project admins are able to prevent the starting of machines by non-admins in their projects.
Workshop participants which are not admins are not allowed to start machines by default. The permission of starting machines by non-administrators can be changed in the project overview.
Workshops can only be interacted with by admins.


The following table illustrates the different rights:

Type Project
Admin Member
VM Own Others Own Others
Create 1 2 1
List
Stop/Restart
Reboot (Hard & Soft)
View Details
Create Snapshot
Attach Volume
Detach Volume 3
Connect 4
Delete
Create Snapshot
Snapshot Own Others Own Others
List
Use
Delete
Volumes Own Others Own Others
Create
List
Delete
Rename
Allowed to attach
Extend
Cluster Own Others Own Others
Create 1 2 1
List
Scale (Up & Down)
Delete
Workshop Own Others Own Others
Create
List
Delete


1: Admins of workshop projects are able to start machines for members of their workshop project. Also admins and project members are able to start machines and cluster and grant access for other project members.
2: The starting of machines by non-admin project members can be prevented by project admins.
3: A volume can be detached from any machines by the owner of the volume.
4: The connection to a machine is only possible if the owner of the machine has granted access to the respective user. This can also be achieved by adding the respective users public key to the virtual machine manually.