Self Service Catalogs


#1

Hi,

I am new to manage IQ and i am attempting to setup a self service portal.

I found this post.

However after following the steps I am still unable to see my catalog items as a non-admin user.

Here are the steps i tried.

  1. Configuration -> Access Control -> Roles
  2. Roles -> Selected EvmRole-user_self_service -> Configuration -> Copy Role
  3. Role Information -> Access Restriction (Only User or Group Owned) - > Changed a couple of check marks. -> Add
  4. Groups -> Add Group (Configured Active Directory Group) -> Role set to previously created Role. -> Set Project/Tenant.
  5. Under Assign Filters - Selected only a specific department.
  6. Services -> Catalogs -> Catalog Items -> Configuration -> Add a new catalog Item
    -> Red Hat Virtualization.
  7. Added Name -> Description -> Checked Display in Catalog -> Selected Catalog/Dialog -> Request Info -> Selected Template -> VM Name
  8. Set Environment -> Set Hardware - Set Network -> Set Schedule -> Add
  9. Selected New Template -> Policy -> Edit Tags -> Chose Department/Previously selected Department -> Save.

Signed into the Self Service Portal -> Service Catalogs and nothing showed.

Tried the following as well:
Checked User Settings to make sure user has the correct Tags/Groups.
Checked Compute -> Infrastructure -> Virtual Machines -> Templates -> Policies to make sure the template has the needed tags assigned. Also set template owner correct group.

Templates were created in Ovirt 4.2

Thanks


#2

I have the role option for access restriction set to none as opposed to only user or group owned.
Not sure if that is what is causing your issue or if it is the optimal or correct way but it’s what is currently working for me.

Guide here goes through the process a bit, may or may not be helpful to you.


#3

I tested that over the weekend, but does that not give everyone access to all VM’s?


#4

@bsockel Yes it does, but you can restrict it with tag control.
You can add a tag to your group, and that group can only see stuff that has the same tag.
You can read more about it here


#5

Yeah, but i really only want each user to see there own vm’s and not each others.


#6

I don’t know if this is the most efficient method but you can just make a group for each person, add a tag to it and give all your groups the same self-service role. You also need to add a tag to your service catalog items.