解决了

Nutanix锁定虚拟机

11个月前
2021年1月25
3回复
80的浏览量

Gregg_ITX
“航行者”号
1回复

,下午好!

我正在建立一个新的PKI基础设施在一个Nutanix集群，我想关闭根CA的安全。有没有办法添加一些安全措施，使虚拟机不能无意中启动?

图标

最佳答案Alona2021年1月28日03:20

RBAC on PC with Role Assignment would allow you to that. You\u2019d need an authentication server LDAP or AD configured. If designed properly, RBAC should not need much change.<\/p>

You\u2019d have a role that allows for that VM to be powered on AND other roles do not have power on permissions extending to that VM. Remember that cluster admin can do everything.<\/p>

Security Guide: Controlling User Access (RBAC)<\/a><\/p>","className":"post__content__best_answer"}">

查看原始

Good afternoon, all!<\/p>

I\u2019m setting up a new PKI infrastructure in a Nutanix cluster and I want to shut down the root CA for safekeeping. Is there a way to add some safeguards so that the VM can\u2019t be started inadvertently?<\/p>","quoteUsername":"Gregg_ITX","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">

就像
报价
分享

本主题已关闭供评论

3回复

Userlevel 6

＋5

Alona
Nutanix员工
433回复
11个月前
2021年1月27日

嗨 @Gregg_ITX

比如，启动虚拟机的权限限制在少数用户?

G

Gregg_ITX
作者
“航行者”号
1回复
11个月前
2021年1月27日

嗨 @Alona

精确!只有“initiate”启动虚拟机。

Userlevel 6

＋5

Alona
Nutanix员工
433回复
11个月前
2021年1月28日
回答

PC上的RBAC与角色分配将允许你这样做。您需要配置一个身份验证服务器LDAP或AD。如果设计得当，RBAC应该不需要太多更改。

您有一个角色，允许该虚拟机开机，而其他角色没有权限扩展到该虚拟机。请记住，集群管理员可以做任何事情。

安全指南:控制用户访问(RBAC)

RBAC on PC with Role Assignment would allow you to that. You\u2019d need an authentication server LDAP or AD configured. If designed properly, RBAC should not need much change.<\/p>

You\u2019d have a role that allows for that VM to be powered on AND other roles do not have power on permissions extending to that VM. Remember that cluster admin can do everything.<\/p>

Security Guide: Controlling User Access (RBAC)<\/a><\/p>","quoteUsername":"Alona","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">

报名

登录社区

扫描文件病毒。

无法下载此文件