A user with the admin.readonly role has "read-only" access to all platform functions available to the administrator. Such a user cannot change settings or perform operations on the platform and its entities - virtual machines, clusters, networks, etc. For example, a user with this role can be created to collect platform metrics via API.
Note
The admin.readonly user can only interact with the platform via API. Creation and authorization of a user with this role is not available in the platform interface.
Creation steps:
-
Get an authorization token:
curl -k -X POST -H "accept: application/json" -H "Content-Type: application/json" 'https://domain.com/auth/v4/public/token' -d '{"email": "admin_email", "password": "admin_pass"}'Comments to the commandIn response, you will get the message in the form:
Example of response in JSON{ "confirmed": true, "expires_at": null, "id": "6", "token": "4-e9726dd9-61d9-2940-add3-914851d2cb8a" }Save the received token value.
-
Execute the command:
Example of the commandcurl -k -o- -H "Host: domain.com" -d '{"email": "user@example.com", "password": "pswd", "role": "@admin.readonly"}' -# https://domain.com/vm/v3/account -H "x-xsrf-token: token"Comments to the command