Create role with restricted access to hosts and services

Dear Community,

I am relative new at Icinga with some experience. I want to create a role which don’t have any right to some of the hosts and the services. My goal would be to create a role which has access to all devices, except for printers and their services.

I tried to create such role, but I did not find where should I restrict the access. As I understood, this place also depends on the modules I use. Currently I am using the IcingaDB and Icinga Director modules. Of course IcingaWeb2 is also installed. The Icinga monitoring module is not enabled.

You can use Icingaweb2 filter syntax to restrict access.

First create a Dashboard with the required rules and then copy them into the filters of the modules - probably icingadb/​filter/​objects with the rule looking something like hostgroup_name!=Printing|servicegroup_name!=Printing

For the director you probably need to create a host group with all hosts except the printers to put into director/​filter/​hostgroups. You can use the same rule as above to attach the host group to the non printer hosts.

Thanks, it is much better this way. I created the needed host and service groups also the filters on the dashboard. But the problems are still shown under Problems menu entry. Is there a way to “remove” them somehow from there?

Not if you’re the admin and have access to all hosts.

The dashboard is only for excercise and testing. To restrict the role you need to fill the filters into the roles under

Ok, that was my original problem. I dont know where to (to which section of the role editor) should I insert the filter.

I would try icingadb/​filter/​objects and director/​filter/​hostgroups under the corresponding module (could need unfolding for details).


Thanks, its working :slight_smile:

1 Like