RBAC (Role-Based Access Control)
Advanced RBAC is available exclusively in the Enterprise edition of ProxCenter. Community users have access to the default system roles (Admin, Operator, Viewer) but cannot create custom roles or configure granular permission scopes.
ProxCenter's RBAC system gives you fine-grained control over who can do what across your infrastructure. Define custom roles with precise permissions and assign them to users to enforce the principle of least privilege.
System Roles vs Custom Roles
System Roles
ProxCenter ships with three built-in system roles that cannot be modified or deleted:
| Role | Description |
|---|---|
| Admin | Full, unrestricted access to every feature and setting |
| Operator | Manage infrastructure and perform day-to-day operations |
| Viewer | Read-only access to dashboards, inventory, and logs |
System roles are available in both Community and Enterprise editions.
Custom Roles
With the Enterprise edition, you can create custom roles tailored to your organization's needs. Custom roles allow you to combine any set of permissions into a named role that can be assigned to one or more users.
To create a custom role:
- Navigate to Security > RBAC
- Click Create Role
- Enter a role name and optional description
- Select a color for the role badge displayed in the UI
- Toggle the permissions you want to include
- Click Save
Use descriptive names like "Backup Operator" or "Network Admin" so that the role's purpose is immediately clear.
Permission Categories
Permissions are organized into the following categories:
VM (vm.*)
Control access to virtual machines and containers.
| Permission | Description |
|---|---|
| vm.view | View VMs and containers, their status and details |
| vm.start | Start or resume VMs and containers |
| vm.stop | Stop, shutdown, or suspend VMs and containers |
| vm.create | Create new VMs and containers |
| vm.delete | Delete VMs and containers |
| vm.migrate | Migrate VMs between nodes |
| vm.snapshot | Create, restore, and delete snapshots |
| vm.console | Access the VM console |
Storage (storage.*)
Control access to storage pools and volumes.
| Permission | Description |
|---|---|
| storage.view | View storage pools and usage |
| storage.manage | Create, modify, and delete storage configurations |
Node (node.*)
Control access to Proxmox hypervisor nodes.
| Permission | Description |
|---|---|
| node.view | View node information and resource usage |
| node.manage | Manage node settings and configurations |
Connection (connection.*)
Control access to Proxmox connection management.
| Permission | Description |
|---|---|
| connection.view | View configured Proxmox connections |
| connection.manage | Add, edit, and remove Proxmox connections |
Backup (backup.*)
Control access to backup operations.
| Permission | Description |
|---|---|
| backup.view | View backup jobs and restore points |
| backup.create | Create new backup jobs |
| backup.restore | Restore VMs and containers from backups |
| backup.delete | Delete backup files and jobs |
Admin (admin.*)
Control access to platform administration.
| Permission | Description |
|---|---|
| admin.users | Manage users and invitations |
| admin.rbac | Manage roles and permissions |
| admin.audit | View audit logs |
| admin.settings | Manage platform settings and license |
Permission Scopes
Permissions can be applied at different scopes to control the breadth of access:
| Scope | Description |
|---|---|
| Global | Permission applies across all connections, nodes, and VMs |
| Connection | Permission is limited to resources under a specific Proxmox connection |
| Node | Permission is limited to resources on a specific Proxmox node |
| VM | Permission is limited to a specific virtual machine or container |
Scopes allow you to create roles like "Operator for Production Cluster" or "Viewer for node-03 only," giving you precise control over access boundaries.
When a permission is granted at a broader scope, it automatically applies to all narrower scopes beneath it. For example, granting vm.view at the Connection scope includes all nodes and VMs within that connection.
Permission Inheritance
RBAC permissions follow a top-down inheritance model:
- Global permissions cascade to all connections, nodes, and VMs
- Connection permissions cascade to all nodes and VMs within that connection
- Node permissions cascade to all VMs on that node
- VM permissions apply only to the specific VM
A user's effective permissions are the union of all permissions granted by their assigned role at all applicable scopes. There is no deny mechanism: if a permission is not explicitly granted, it is denied by default.
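The scope and inheritance rules above are easiest to reason about as a small model. The following is an added example, not ProxCenter's own code: it encodes the four scope levels (Global > Connection > Node > VM), top-down inheritance, the union of a single role's grants, and default deny, and it rejects permission names not in the page's catalogue at role-definition time. The connection, node, VM and user names are constructed for illustration.

```python
"""Toy model of scoped RBAC as described above (added illustration, not ProxCenter code)."""
from dataclasses import dataclass
from typing import Optional

# Permission identifiers as listed in the categories above; anything else is rejected.
KNOWN_PERMISSIONS = frozenset({
    "vm.view", "vm.start", "vm.stop", "vm.create", "vm.delete", "vm.migrate", "vm.snapshot", "vm.console",
    "storage.view", "storage.manage",
    "node.view", "node.manage",
    "connection.view", "connection.manage",
    "backup.view", "backup.create", "backup.restore", "backup.delete",
    "admin.users", "admin.rbac", "admin.audit", "admin.settings",
})


@dataclass(frozen=True)
class Scope:
    """Where a grant applies, or what a check targets. Unset fields mean 'not narrowed':
    Scope() is Global, Scope(connection=c) is Connection scope, adding node= gives Node
    scope, and all three set is VM scope."""
    connection: Optional[str] = None
    node: Optional[str] = None
    vm: Optional[str] = None

    def level(self) -> str:
        if self.vm is not None:
            return "VM"
        if self.node is not None:
            return "Node"
        if self.connection is not None:
            return "Connection"
        return "Global"

    def covers(self, target: "Scope") -> bool:
        """Top-down inheritance: a grant covers the target when every field the grant
        narrows on matches the target. A grant narrowed to a node therefore never covers
        the connection above it; inheritance flows downward only."""
        for attr in ("connection", "node", "vm"):
            narrowed = getattr(self, attr)
            if narrowed is not None and narrowed != getattr(target, attr):
                return False
        return True


@dataclass(frozen=True)
class Grant:
    permission: str
    scope: Scope = Scope()  # default is Global


@dataclass(frozen=True)
class Role:
    name: str
    grants: frozenset  # of Grant

    def __post_init__(self):
        unknown = {g.permission for g in self.grants} - KNOWN_PERMISSIONS
        if unknown:
            raise ValueError(f"role {self.name!r} uses unknown permissions: {sorted(unknown)}")


@dataclass(frozen=True)
class User:
    name: str
    role: Role  # exactly one role per user


def effective_permissions(user: User, target: Scope) -> frozenset:
    """Union of every grant on the user's role whose scope covers the target."""
    return frozenset(g.permission for g in user.role.grants if g.scope.covers(target))


def is_allowed(user: User, permission: str, target: Scope) -> bool:
    """Default deny: True only when some grant explicitly covers the target."""
    return permission in effective_permissions(user, target)


# Constructed sample roles mirroring "Operator for Production Cluster" and
# "Viewer for node-03 only"; the connection, node, VM and user names are made up.
PROD = Scope(connection="prod-cluster")
NODE03 = Scope(connection="prod-cluster", node="node-03")

prod_operator = Role("Operator for Production Cluster", frozenset({
    Grant("vm.view", PROD), Grant("vm.start", PROD), Grant("vm.stop", PROD),
    Grant("node.view", PROD),
}))
node03_viewer = Role("Viewer for node-03 only", frozenset({
    Grant("vm.view", NODE03), Grant("node.view", NODE03),
}))
alice = User("alice", prod_operator)
bob = User("bob", node03_viewer)

if __name__ == "__main__":
    vm101 = Scope(connection="prod-cluster", node="node-01", vm="101")
    print(vm101.level(), sorted(effective_permissions(alice, vm101)))
    print("alice vm.delete on 101:", is_allowed(alice, "vm.delete", vm101))  # not granted: denied
    print("bob vm.view on node-01/101:", is_allowed(bob, "vm.view", vm101))  # wrong node: denied
```

The check that matters for reviews is `Scope.covers`: a Connection-scoped grant reaches every node and VM under that connection, while a Node-scoped grant does not reach the connection itself, which is exactly the cascade the list above describes. Because a user carries one role, `effective_permissions` never has to merge roles; it only unions grants at the applicable scopes.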
Assigning Roles to Users
To assign a role to a user:
- Navigate to Security > Users
- Select the user you want to modify
- In the Role dropdown, select the desired role
- Optionally, configure scope restrictions for the role
- Click Save Changes
Each user is assigned exactly one role. To give a user a combination of permissions that no single role covers, create a new custom role with the required permissions.
Color-Coded Roles
Each role can be assigned a color that is displayed as a badge throughout the UI. This provides a quick visual indicator of a user's access level:
- Role badges appear next to user names in the user list
- Role colors are visible in the audit log and activity feeds
- System roles use fixed colors; custom roles can use any color you choose
Audit Trail for Role Changes
All RBAC-related actions are recorded in the Audit Log:
- Role creation, modification, and deletion
- Permission changes within a role
- Role assignments and unassignments to users
- Scope changes for role assignments
This ensures full traceability of access control changes for compliance and security reviews.
Permissions
Access to RBAC management requires the following RBAC permission:
| Permission | Description |
|---|---|
| admin.rbac | Create, edit, and delete roles; manage permission assignments |
| Required Feature | Edition |
|---|---|
| rbac | Enterprise |