Permissions for sync from an upstream Katello server


On the Katello, in the “CDN Configuration” tab, it is requested to fill in the credentials.

Are there specific permissions without being admin to be able to synchronize from an upstream Katello?
I can’t find the inter-sync server related documentation regarding these permissions.

Expected outcome:
Use an account without administrator rights for synchronization.

Foreman and Proxy versions:

Foreman and Proxy plugin versions:

Distribution and version:
Red Hat Enterprise Linux release 8.5 (Ootpa)

1 Like

You should have a user with viewing permissions for lifecycle environments, content views, products and repositories. The user should also belong to the organization that the environment belongs to.
Those should be sufficient permissions to sync from the server.

I just checked. You should be able to connect and sync with the following user permissions

  1. View Organization
  2. Edit Organization (to download the debug certificate)
  3. View Content Views
  4. View Lifecycle Environments
  5. View Products.

Will check with @Lennonka to document this :slight_smile:


Hi @Partha_Aji and @sajha

Thanks, I confirm it works.
I think it’s useful to indicate in the documentation because it’s a good security practice :slight_smile: