Skip to main content

How do I manage VMs based on Groups?

Principle

There are two types of groups in tiCrypt.

  • in the .
  • . Groups in the .
Vault Groups vs VM Groups

Vault Groups

Groups in the is by default cryptographic. They aim to create an environment for users, unreachable by admin's access controls, available only to the group members.

  • Groups in the Vault are fully encrypted designed for users who work with sensitive data.

  • Each group member may come from a different team.

note

Groups in the Vault have nothing to do with Group Management card from the tab.

Virtual Machine Groups

Groups in the are access-controlled. Their purpose is to divide VM users into categories.

By default there are three groups in the . Groups management in :

  • Everybody: includes all members of the Virtual machine.
  • Managers: includes only the managers and the owners of the virtual machine.
  • Nobody: includes no users from the Virtual machine.

side note: the nobody group is used when a VM owner does not want to share the VM with anyone else.

tip

To learn more about groups in the vault, navigate to the groups overview section.

Practice

Create a Group in the Vault

To create a group in the vault navigate to tab in the section in the top right panel.

  • Click on the Create group icon in the top right.
  • Follow the instructions from create a group section.

Create a Group in the Virtual Machine

To create a group in the virtual machines navigate to tab in the section.

  • Start and Connect your Virtual machine.
  • Select your Virtual machine.
  • Click on Group Management card on the center-right.
  • Click Create group button on the top.
  • In the prompt, type a name for your VM group.
  • Click .
  • Optionally, follow the instructions from group management section.
note

Virtual machines do not currently support editing VM group names after creation. To change a group's name in VM, you must re-create the group from scratch.

Create an Access Directory for a Group in the Virtual Machine

To create an group-based access directory in the virtual machines navigate to tab in the section.

  • Start and Connect your Virtual machine.
  • Select your Virtual machine.
  • Click on Access Directory Management card on the center-right.
  • Click Create access directory button on the top.
  • In the prompt, type a name for your access directory.
    • Type the access directory owner name.
    • Type the group's name associated with the access directory.
    • Select the access mode (read-only or read-write).
  • Click .
  • Optionally, follow the instructions from access directory section.
info
  • The owner of the access directory can be the user, manager, or the owner of the selected VM.
  • Access-mode allows the selected access directory owner to read-write on the drive associated with the access directory.
  • For good practice, only VM owners should have read-write access to access directories.