netbox plugin: which rights does the user need?
-
Hello,
I activated the Netbox plugin as described in https://xen-orchestra.com/docs/advanced.html#netbox.
The synchronisation works fine as long as the user which the token belongs to has "Superuser status".
When I only give them "Staff status" and rights for
custom field, cluster, cluster group, cluster type, virtual machine, interface- the synchronisation test works. However, when I try to manually sync a pool, there's an "unknown error". When I take away one of the object rights listed above, I get the following nondescript error when testing the connection:Code: -32000 Message: unknown error from the peerWhich permissions does XOA actually need to synchronise to netbox? This is something I'd like to have documented in https://xen-orchestra.com/docs/advanced.html#netbox.
-
We can probably provide a list of objects we are using to sync, that might be helpful.
@pdonias will do that when he can (he's pretty busy right now)
-
@olivierlambert yes, a list of objects would certainly suffice. Probably everything that #makeRequest is calling in packages/xo-server-netbox/index.js?
-
Yes, all the code related to Netbox is in there. If you have time to take a look, you'll find your answers there
-
Hi @luca-steinke, this is indeed something that we should and will document. Here are the minimum required permissions:
View permissions on:
- extras > custom-fields
- ipam > prefixes
All permissions on:
- ipam > ip-addresses
- virtualization > cluster-types
- virtualization > clusters
- virtualization > interfaces
- virtualization > virtual-machines
