Users cannot manage created instances

acul009 · 22 December 2024 12:38

OS Name/Version: debian 12 (bookwork) on Proxmox KVM

Product Name/Version: Amp (Advanced Edition) v2.6.0.6, built 20/11/2024 20:57

Hi,

i just bought amp in the hopes I could finally let my friends create their own minecraft servers instead of me having to setup and manage them using portainer for them. Unfortunately I’m to stupid to configure the permissions correctly.

I want my friends to be able to do the following:

create an instance
manage that instance
allow other existing users access to that instance

But I can’t figure it out.

My setup features a controller vm and a target vm. I’ll probably add an LXC container and a bare metal target later too.

I’ve set the following permissions:

Local instance (controller) Manage
ADS.InstanceManagement.CreateInstance

This already allows the user to create an instance. But after creating it, it just doesn’t show up?
I can see the instance using my admin account just fine, but the user doesn’t have any permission to access it?

I found out that I can allow users access manually for the created instance, but even then I have to go into the instance and also set all the required permissions there.

From reading other forum posts it seemed there was some kind of ownership model? Did I misconfigure something?

ThePotatoKing · 22 December 2024 21:33

I’d suggest creating the user at the ADS (main panel) “level”, as that tends to be a bit easier.
There’s a guide here that explains it better than I can:
https://discourse.cubecoders.com/t/managing-user-permissions-in-amp/2301

acul009 · 23 December 2024 18:39

That’s exactly what I did and that’s the whole problem I’m having.

I want the user to be able to create instances (which works) and then let them configure their instances (which doesn’t work unless I allow them to manage the newly created instance).

As the user you can basically click on create instance and then watch as nothing that happens is actually displayed to you.

I just don’t know which setting or permission I’d have to enable to allow that.

ThePotatoKing · 24 December 2024 02:37

The permission system isn’t set up to account for non-trusted/non-privelaged users to autmagically see their own created instances.
You can get around that by allowing the All Instances permission, then deny any perms that you don’t want them to access.
With Advanced Edition you have access to Template Roles, which you’ll want to use for the permissions inside the instance, so they’re copied across all the instances for that user.

acul009 · 25 December 2024 03:02

I have the advanced edition, but template roles don’t work. I get told that they aren’t part of my edition.

I guess your recommendation could work for me, but that means I‘ll still have to babysit server creation for a few people.

ThePotatoKing · 26 December 2024 03:27

Make sure that you’ve reactivated the ADS to get the Advanced edition features to show (and clear your browser cache.
Occasionally it doesn’t show right, or if you upgraded licenses it sometimes doesn’t show without reactivating the ADS.
https://discourse.cubecoders.com/t/configuring-amp-for-enterprise-or-advanced-usage/1830#activating-ads-3

system · 25 January 2025 03:28

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.