It is far to easy to delete a Cloud and associated resources.
In 6.0.1 its select cloud, Delete button, Tick box to request deletion of resources, Delete button.
In 5.5.3 its select cloud, Delete button, Enter “Delete”, Delete button.
Deleting Cloud (or any operations such as deleting a host) where the potential impact if done by mistake is huge should be far better protected. Displaying a textbox where user simply types in “Delete”, typically prefilled by browser is acceptable. My possible suggestions are:
prompt user for password, ask the user “Do you really want to do this!!!”.
only allow a cloud to be deleted if all associcated resources have been deleted first.
One example:
User gets a VM into a broken state. SysAdmin goes to compute screen. Selects Virtual Machine but doesn’t click on +Actions but DELETE. Oh fudge / heart attack moment! See screen shot. As it stands, a ten second brain freeze could lead to a major catastrophe!
The change from 5.5.3 to 6.0.0 changed the delete on cloud to make it more steps to accidentally delete your objects.
Previously, the check box for “delete all resources” was auto checked and a user had to type “Delete” and they were all gone.
Now, we default uncheck that box so a user has to do more steps. Delete cloud → Check Box to remove infra → Type Delete to confirm remove infra → select delete
In your example you are showing deleting a VM within the instance page and then choosing the delete on the instance by mistake. There are changes here too.
The checkboxes are removed from the resource selections in the updated UI as they were misleading
Lastly, you could always enforce a deletion policy on the VMs. We are looking to expand this to other resources as well. This shuts down the systems and puts a hold on anything that will delete until X amount of time has passed. This is your best option for users fumbling through and deleting wrong servers.
From a production perspective, this is probably the most extreme amount of prompts we would present users. At a certain point if a user isn’t going to read the messages, adding more is ineffective.
I’ll set this thread to auto close after a week if no response as I don’t believe this will see additional changes in the product.
I accept what you are saying, approvals are great along with the fact that remove infrastructure is unticked.
Will definitely be using approvals. BUT people make mistakes… And as an MSP I do not want approvals to be my first line of defence if somebody accidentally deletes a CLOUD. Consider how embarrassing it could be for an MSP to have multiple customers login and be faced with potentially hundreds of approvals saying your Instance is going to be deleted. Total loss of confidence. And what happens if they hit approve - I can just see the headlines now. My suggestions are:
add permission that hides Delete cloud button
add permission that hides or greys out remove infrastructure button
prompts user for password
display a msgbox “Warning of the consequences…”
IMHO, just need something…
My suggestions are: