RE: REST API create_vm returns task URL that doesn't exist?

Hi @DevFlint,
tasks are now correctly visible in the swagger documentation

Hi @slavavrn,
FYI, its now possible to revert a snapshot via the REST API.
POST /vms/:id/actions/revert_snapshot
And the body of the endpoint:

{
  "snapshotId": <snapshot-id>
  "snapshotBefore": boolean (optional)
}

Hi @johnnezero and thanks for the post!

Just wanted to talk about PERMISSION SYNC.

In the REST API the "permission sync" pattern is actually handled natively by the RBAC system using selectors.

For example, if you want a role that allows a user to manage VM power state only for VMs tagged dev:

• Start from the built-in role template “VMs power state manager” (just to speed up role creation, but totally optional)
• Create or customize a role with the required VM power privileges (read, start, stop, reboot, etc.)
• Scope each privileges using a selector like:
  tags:dev
• Then assign the role to your user or group

Once done, the access is fully dynamic:

• Any VM with the dev tag is included in the scope
• Removing the tag immediately revokes access
• Adding the tag grants access instantly
• No need to maintain per-VM ACL entries

The key point is that RBAC evaluates privileges at request time based on selectors.
You can also base selectors on other VM properties, not only tags (for example power state, name patterns ...).

You can find the doc here
and a dedicated forum thread here

PS: For the moment the XO6 UI does not support the RBAC system, but we are working on it

Hi @rzr,
When you say, "XO still showed host 2 needing patching", does that mean XO is still showing missing patches?

If so, can you run the following command: xe host-call-plugin host-uuid=<uuid-host2> plugin=updater.py fn=check_update

Hi @r0123456789,

GET /rest/v0/hosts/:id/stats is available in the REST API

Hi @dan89,
It is possible to create an authentication_token using the REST API.

POST /rest/v0/users/me/authentication_tokens

Hi @Steve_Sibilia,
FYI, ACL V2 / RBAC is now available in the REST API.

You can see the RBAC doc.
A dedicated thread is available on the forum thread, please feel free to share your feedback.

Thank you.

We are back on 0.21.0 (might need a Ctrl+Shift+R). We had issues with this month's version (0.22.0) so we'll have to postpone it to next week. Apologies for the confusion around 0.19.0.

Hi @halvor,
FYI, ACL V2 / RBAC is now available in the REST API.

You can create a privilege that only give you read privilege on your host.
You can see the RBAC doc.
A dedicated thread is available on the forum thread, please feel free to share your feedback.

Thank you.

Hi @jedimarcus,
FYI, VIF creation is possible via the REST API POST /rest/v0/vifs