Prevent even admins from deleting a VM from Veeam

[gyrosc0pe]

Hi
Is it possible to create some kind of rule within Veeam B&R to avoid deleting VMs from the console?
Even if an admin is the user at the time?
A denied permission or similar?

[foggy]

Carlos, could you please clarify what VM deletion are you trying to prevent? Do you mean deletion of backups from Veeam B&R UI or VMs from the jobs or something else?

[gyrosc0pe]

We've had a case where an admin deleted a replica VM from Veeam's replica repository but it turned out to be a production server
(seems it was a replica VM back in the days but was failed over to production)
Veeam deleted this 'replica' server with no questions, it shutdown the server first and delete it from disk next, no traces left.
We want to avoid this happening in the future so my post here, is there a way to create a rule maybe, within Veeam which stops anybody from deleting a VM?

[PTide]

Would it be sufficient to prompt the user to shutdown the VM manually first instead of shutting it down automatically? Even with password or a special role there is no guarantee that someone who has the privilege to delete VMs won't make the same mistake.

[gyrosc0pe]

A prompt would be somethign, not what i'm looking for but at least some type of step before deletion.
What I've noticed is that, for instance, although I log to the V&R server with my admin account, the actions towards the VMWare cluster are done in the background by the Veeam account it uses to connect to VMWare servers which has full permissions.
So modifying permissions in VMWare to this Veeam account would mean restricting Veeam doing its work, hence i posted this hoping there's Veeam 'permission' which could limit my admin account .... maybe a long shot?

[DaStivi]

am i wrong, when doing a failover and finishing all processes the vm disapears from Veeam console? as with a instantVM recovery...
maybe another thought, when this was an production vm, hopefully on a productive datastore, is there an backup?!

[gyrosc0pe]

Thanks for your input,
Dastivi, im not going to discuss that,
I described that scenario as a possible cause for our incident but it could have been something else.
I'm looking for a solution to avoid anything similar happening again, an admin deleting a production VM from Veeam's console
Some Veeam rule set, permissions, rule applied to VM tag.... a third party tool...
I'm assuming this doesn't exist as I'm not seeing any solution from anybody.

[foggy]

You're looking for restrictions on a Veeam B&R console side, but are these same admins allowed to login to vSphere client and removing production VMs from there?

[gyrosc0pe]

yes, they are

[gyrosc0pe]

Having said that, i can operate the Veeam console with my admin account but the actions in vsphere show as created by Veeam's account.

What about generating a pop up window in Veeam console indicating the server you want to delete is powered on?

at least that'd make an admin think twice, he's working on a running server not a powered off replica

can this be done?

[foggy]

This is exactly the prompt Pavel has suggested above.

[gyrosc0pe]

And how is this done?

[foggy]

This was mentioned as a probable future improvement, not as currently available functionality.

[Regnor]

@foggy/@PTide: Did this end as a feature request?
Similar to the "Restore entire VM" dialog, deleting a Replica should check if the VM is running or if it did get changed, and prompt for permission to proceed.

[veremin]

Nope, it did not - it got too few requests and was superseded by more demanded features. Thanks!

[Regnor]

Then please count my post as 2 votes/requests
Apparently this doesn't happen that often, but I'm sure many customers are manually failing over Replicas; and chances are high that later on they delete their new production VMs when cleaning up the Replicas in the Veeam configuration (Delete from Disk).