Provisioning Hosts

This guide is not ready yet.

Foreman is a community project. The source is maintained in foreman-documentation on GitHub where you can create issues and pull requests. Thanks for your contribution.

Appendix A: Permissions Required to Provision Hosts

The following list provides an overview of the permissions a non-admin user requires to provision hosts.

Resource name	Permissions	Additional details
Activation Keys	view_activation_keys
Ansible role	view_ansible_roles	Required if Ansible is used.
Architecture	view_architectures
Compute profile	view_compute_profiles
Compute resource	view_compute_resources, create_compute_resources, destroy_compute_resources, power_compute_resources	Required to provision bare metal hosts.
view_compute_resources_vms, create_compute_resources_vms, destroy_compute_resources_vms, power_compute_resources_vms	Required to provision virtual machines.
Domain	view_domains
Environment	view_environments
Host	view_hosts, create_hosts, edit_hosts, destroy_hosts, build_hosts, power_hosts, play_roles_on_host
view_discovered_hosts, submit_discovered_hosts, auto_provision_discovered_hosts, provision_discovered_hosts, edit_discovered_hosts, destroy_discovered_hosts	Required if the Discovery service is enabled.
Hostgroup	view_hostgroups, create_hostgroups, edit_hostgroups, play_roles_on_hostgroup
Image	view_images
Location	view_locations
Medium	view_media
Operatingsystem	view_operatingsystems
Organization	view_organizations
Parameter	view_params, create_params, edit_params, destroy_params
Provisioning template	view_provisioning_templates
Ptable	view_ptables
Smart Proxy	view_smart_proxies, view_smart_proxies_puppetca
view_openscap_proxies	Required if the OpenSCAP plug-in is enabled.
Subnet	view_subnets

Resource name

Permissions

Additional details

Activation Keys

view_activation_keys

Ansible role

view_ansible_roles

Required if Ansible is used.

Architecture

view_architectures

Compute profile

view_compute_profiles

Compute resource

view_compute_resources, create_compute_resources, destroy_compute_resources, power_compute_resources

Required to provision bare metal hosts.

view_compute_resources_vms, create_compute_resources_vms, destroy_compute_resources_vms, power_compute_resources_vms

Required to provision virtual machines.

Domain

view_domains

Environment

view_environments

Host

view_hosts, create_hosts, edit_hosts, destroy_hosts, build_hosts, power_hosts, play_roles_on_host

view_discovered_hosts, submit_discovered_hosts, auto_provision_discovered_hosts, provision_discovered_hosts, edit_discovered_hosts, destroy_discovered_hosts

Required if the Discovery service is enabled.

Hostgroup

view_hostgroups, create_hostgroups, edit_hostgroups, play_roles_on_hostgroup

Image

view_images

Location

view_locations

Medium

view_media

Operatingsystem

view_operatingsystems

Organization

view_organizations

Parameter

view_params, create_params, edit_params, destroy_params

Provisioning template

view_provisioning_templates

Ptable

view_ptables

Smart Proxy

view_smart_proxies, view_smart_proxies_puppetca

view_openscap_proxies

Required if the OpenSCAP plug-in is enabled.

Subnet

view_subnets

Additional resources

Creating a Role in Administering Foreman
Adding Permissions to a Role in Administering Foreman
Assigning Roles to a User in Administering Foreman