How to allow VDC admin to create Virtual Network



I am using version 5.4.6 currently which have problem now where VDC admin is not allow to create its own Virtual Network.

Currently I have created a VDC which pre-allocate VNets as screen capture.

And created a Group with user admin inside.

This group is allow to use VDC resource.

Also created an ACL which I have already allow Group member to “use, manage,create, admin” - ID25

However, when login as VDC group admin. Create Virtual Networks still not allow.

Could you please advise how should solve this problem?


(Tino Vazquez) #2

You need to enable it in the Sunstone yamls. Take a look at file /etc/one/sunstone-views/groupadmin.yaml.

(Kristian Feldsam) #3

Hi Tino, is it also possible to force VDC admin to create only specific type of network, eg 802.1q and preddefined physical interface?



Any details meaning for each parameters for groupadmin.yaml ?

I also read

but no much available information there.


(Tino Vazquez) #5

That is currently not supported. Please open a feature request in GitHub to evaluate the use case.

(Jean-Philippe FOURES) #6


I faced the same behavior on same release and before opening a Feature request I checked here if somelse faced the same.
I added some “admin” rights for the Admin user. I added an ACL with ADMIN right for “CLUSTERS”.
I am not a big fan of this workaround as it means that an external user with admin rights must be cluster administrator to create a Virtual Network. While for me this should not be the case (I will open a feature request for this).
@machiasiaweb, can you check if adding some admin rights to this user unlock you situation ?

Thank you