Skip to main content
Version: v42

Proxmox VE as a Host Directory

Create API credentials that allow PrivX to scan Proxmox hosts. To do this, perform the following in your Proxmox deployment:

  1. Create a new Proxmox user for PrivX to use when scanning hosts.

  2. Create a new API token for the user. Leave Privilege Separation enabled.

  3. Ensure Proxmox has a role that grants at least the following privileges:

    • Sys.Audit
    • VM.Audit

    You may grant these permissions using the default PVEAuditor role, or by creating a new role that specifically grants these privileges.

  4. Add the following permissions under Permissions→Add→API Token Permission:

    • Path: /
    • API Token: Select the previously-created API token.
    • Role: Select a role that grants at least Sys.Audit and VM.Audit.

Then use the API token to add hosts from Proxmox VE to PrivX:

  1. Add a new directory to PrivX: In the PrivX GUI, go to Administration→Directories and click Add Directory.

  2. Configure PrivX to connect and authenticate to the Proxmox VE. You will at least need to configure:

    • Name: A unique name for identifying the directory.
    • Type: Proxmox VE
    • Endpoint Address: Address of the Proxmox VE service.
    • Token ID: API-token ID.
    • Secret: API-token secret.

    If your Proxmox VE uses TLS, you will also need to set Server Authentication Settings under Advanced Settings.

    Click Save to apply your changes.

  3. Back on the Administration→Directories page, you may verify the directory status. After PrivX has completed scans, the status of the directory should be OK.