How to properly restrict access?

A

alexdora2018-08-28 21:09:51

linux

alexdora, 2018-08-28 21:09:51

In general, the story is short. The hobby has turned into a service, time has become a pity, and there are many objects of attention.

There are several servers with vmware esxi and many virtual machines. I want to hire an admin, but I don’t understand how to make sure that in which case the admin doesn’t deprive me of access or make it worse. I'm interested in the logic of the format:
this is worth doing, but this is not worth doing, because in any case, the future admin will have to fix the jambs of the settings that I made for the first time (I'm still not a sysadmin). And the admin is remote, but I don’t want any acquaintances who would take it.

So far from the obvious: do not give access to the vmware Esxi panel

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Sanes, 2018-08-28
@Sanes

(I'm still not a sysadmin)

Give only full access. If you do not trust, then turn yourself.

A

Alexey Cheremisin, 2018-08-29
@leahch

People are divided into two categories, some do not yet make regular backups, the latter already do.
Now, it doesn't matter how little rights you give if you're in the first category. And no matter how many rights you give, if from the second. Moreover, there are snapshots.

C

CityCat4, 2018-08-28
@CityCat4

Can start with the obvious - what should the admin do?
vCenter has a gigantic, fan-made kind of rights system. There, the granularity is so wild that, for example, I still can’t figure out what rights to give a chela so that he can normally create machines on the host ... By the
way, there is a certain “superadmin” whose password should not be given to anyone - and here this "superadmin" is the real administrator, and everyone else is the first reflection of Amber...