Group Permissions¶

Each project member can have one of the following roles within a project: administrator or member. In SimpleVM projects, each role has different permissions.

An administrator has the most permissions, not limited to their own resources, like virtual machines, volumes, or snapshots. They can prevent members from creating new virtual machines and toggle this setting in the project overview. They can interact with workshops.

A member has the fewest permissions, limited to their own resources, like virtual machines, volumes, or snapshots. Administrators and others must grant access to their resources first. Workshop participants with the member role have no permission to create new virtual machines by default.

The following table illustrates the permissions:

Method	Role
	Admin		Member
VM	Own¹	Others²	Own¹	Others²
`Create`		³	⁴
`Access`		⁷		⁷
`List`
`Stop/Restart`
`Reboot (Hard & Soft)`
`View Details`
`Create Snapshot`
`Attach Volume`
`Detach Volume`				⁵
`Delete`
`Create Snapshot`
Snapshot	Own	Others	Own	Others
`List`
`Use`
`Delete`
Volumes	Own	Others	Own	Others
`Create`
`List`
`Delete`
`Rename`
`Allowed to attach`
`Extend`
Cluster	Own	Others	Own	Others
`Create`			⁴
`List`
`Scale (Up & Down)`
`Delete`
Workshop	Own	Others	Own	Others
`Create`
`List`
`Delete`
Research environment	Own	Others	Own	Others
`Access`		⁶		⁶

For or from own, depending on the context. ↩↩
For or from others, depending on the context. ↩↩
Administrators of workshop projects can start virtual machines for members of their workshop project. ↩
Administrators can prevent members from starting virtual machines. ↩↩
A volume owner can detach their volume from every machine. ↩
Owner must grant access first.
Administrators of workshops have access permission by default. ↩↩
When creating a virtual machine, you can grant others access to your virtual machine.
After creating, you can grant access by placing their public key onto your virtual machine. ↩↩

Last update: December 28, 2022