Abiquo 5.1

Skip to end of metadata
Go to start of metadata

Abiquo 4.7.0 introduces new privileges to control the use of public and external networks in virtual datacenters and virtual machines. This is helpful in providers where users manage networks at the virtual datacenter level, for example, ESXI + NSX (gateway, ECMP, NAT) , Amazon, Azure, and vCloud. For example, users can synchronize public IP addresses in Amazon and users can synchronize external networks in vCloud.

Current network privileges such as Manage virtual network elements, Manage public IPs, and Manage floating IPs will still apply. The privilege to Manage network elements is still used for private cloud infrastructure.

VDC external and public network privileges

The new virtual datacenter network privileges are assigned to all roles by default.

GUI labelApplication tagPrivilegeCloud
Admin
Ent
Admin
UserEnt
Viewer
Out-
bound
API
Access public network tabVDC_VIEW_PUBLIC_NETWORKThis privilege gives the user access to public network resources in virtual infrastructure

X

X

X

X

X

Manage public network elementsVDC_MANAGE_PUBLIC_NETWORKThis privilege allows a user to manage public network resources in virtual infrastructure

X

X

X

X

X

Access external network tabVDC_VIEW_EXTERNAL_NETWORKThis privilege gives the user access to external network resources in virtual infrastructure

X

X

X

X

X

Manage external network elementsVDC_MANAGE_EXTERNAL_NETWORKThis privilege allows a user to manage external network resources in virtual infrastructure

X

X

X

X

X


The main privilege to work with networks in virtual datacenters is still Manage virtual network elements, which by default is assigned to the ENTERPRISE_ADMIN_ROLE but not the USER role. This means that the default cloud user can view but not manage external and public networks, even if they have the network management privileges.

The platform does not display external or public networks to a user with Manage virtual network elements but without the privileges to access or manage external or public networks. 

VM external and public network privileges

By default, in a VM, all users can display and assign IPs from all networks to VMs. To stop users managing IPs from specific networks, remote the network privileges. 

GUI labelApplication tagPrivilegeCloud
Admin
Ent
Admin
UserEnt
Viewer
Out-
bound
API
Assign public IPs to VMsVM_ASSIGN_PUBLIC_IPThis privilege allows a user to assign public IPs to VMs

X

X

X

X

X

Assign external IPs to VMsVM_ASSIGN_EXTERNAL_IPThis privilege allows a user to assign external IPs to VMs

X

X

X

X

X

Remember that the default privileges for all roles also allow all users to purchase IPs from public networks. This can be done in the VM configuration on the Public tab.