Permissions Matrix for Next Generation Cloud Servers
The Cloud Servers permissions matrix displays specific permissions for the
following roles:
- Admin provides full access to create, read, update, and delete.
- Creator provides access to create, read, and update.
- Observer provides read-only access.
The matrix displays the Cloud Servers methods, their corresponding RESTful API commands,
and the roles that are supported.
Method | API action | Role | Description |
|---|---|---|---|
Retrieve list of servers |
| Observer, Creator, Admin | Lists IDs, names, and links for all servers. |
List servers with details |
| Observer, Creator, Admin | Lists all details for all servers. |
Create server |
| Creator, Admin | Creates a server. |
Show server details |
| Observer, Creator, Admin | Lists details for a specified server. |
Update server |
| Admin | Updates one or more editable attributes for a specified server. |
Delete server |
| Admin | Deletes a specified server. |
Create a server key pair |
| Creator, Admin | Generates a key pair consisting of a private key and a public key. |
Retrieve list of key pairs |
| Creator, Admin | Lists a key pair consisting of a private key and a public key. |
Delete key pair |
| Creator, Admin | Deletes a key pair of a specified name. |
Retrieve list of server addresses |
| Observer, Creator, Admin | Lists all networks and server addresses associated with a specified server. |
List Addresses by Network |
| Observer, Creator, Admin | Lists addresses associated with a specified server and network. |
Change password, Reboot server, Rebuild server, Resize server, Confirm server resize, Revert server resize, Rescue server, Unrescue server, and Create image |
| Admin | Performs the requested action. |
Attach volume to server |
| Observer, Creator, Admin | Attaches a volume to the specified server. |
List server volumes |
| Observer, Creator, Admin | Lists the attached volumes for the specified server. |
Show volume attachment details |
| Observer, Creator, Admin | Lists volume details for the specified volume attachment ID. |
Delete volume attachment |
| Admin | Deletes a specified volume attachment from a specified server instance. |
Retrieve list of flavors |
| Observer, Creator, Admin | Lists IDs, names, and links for all available flavors. |
Retrieve list of flavors with details |
| Observer, Creator, Admin | Lists all details for all available flavors. |
Retrieve flavor details |
| Observer, Creator, Admin | Lists details of the specified flavor. |
Retrieve list of images |
| Observer, Creator, Admin | Lists IDs, names, and links for all available images. |
Retrieve list of images with details |
| Observer, Creator, Admin | List all details for all available images. |
Retrieve image details |
| Observer, Creator, Admin | Lists details of the specified image |
Delete image |
| Admin | Deletes the specified image. |
List server metadata |
| Observer, Creator, Admin | Lists all metadata associated with a server. |
Retrieve image metadata for a specified image |
| Observer, Creator, Admin | Lists all metadata associated with an image. |
Set server metadata |
| Admin | Sets metadata for the specified server. |
Set image metadata for a specified image |
| Admin | Sets metadata for the specified image. |
Update server metadata |
| Admin | Updates metadata items for the specified server. |
Show server metadata item details |
| Observer, Creator, Admin | Retrieves a single metadata item associated with a server. |
Retrieve image metadata item for a specified image |
| Observer, Creator, Admin | Retrieves a single metadata item associated with an image. |
Set server metadata item |
| Admin | Sets a metadata item for a specified server. |
Set image metadata item for a specified image |
| Admin | Sets a metadata item for a specified image. |
Delete server metadata item |
| Admin | Deletes a metadata item for the specified server. |
Delete image metadata item for a specified image |
| Admin | Deletes a metadata item for the specified image. |
Retrieve list of limits including used limits |
| Observer, Creator, Admin | Expands the limits operation to show the project usage, including RAM and instance quotas usage. |
Enable scheduled images |
| Creator, Admin | Enables scheduled images on a server by creating an |
Show scheduled images |
| Observer, Creator, Admin | Shows scheduled images for the specified server. |
Disable scheduled images |
| Admin | Disables scheduled images by deleting the |
Retrieve list of networks |
| Observer, Creator, Admin | Lists the networks configured for a specified tenant ID. |
Create network |
| Creator, Admin | Creates a network for a specified tenant ID. |
Create server with networks |
| Creator, Admin | Provisions a new server with specified networks. |
Show network |
| Observer, Creator, Admin | Shows information for a specified network ID. |
Delete network |
| Admin | Deletes a specified network. |
Retrieve list of virtual interfaces |
| Observer, Creator, Admin | Lists all virtual interfaces configured for a server instance. |
Create virtual interface and attach to server |
| Creator, Admin | Creates a virtual interface for a network and attaches the network to a server instance. |
Delete virtual interface |
| Admin | Deletes a virtual interface from a server instance. |
Related article
Role-Based Access Control (RBAC) permissions matrix for Cloud Hosting
Updated 1 day ago