The Spectro VM Dashboard is a web-based UI for virtual machines (VMs) that uses secure ports and conveniently includes Spectro Proxy. When used with the default settings for access control and Identity Provider (IDP), there is nothing to configure.

Create a cluster profile with the Spectro VM Dashboard add-on pack and apply it to your cluster. When the cluster updates, a Virtual Machines tab appears.


  • Registered Spectro VM Dashboard pack registry.
  • Outbound internet connectivity for port 443 is allowed so that you and your applications can connect with the Spectro Cloud reverse proxy.
  • Users or groups must be mapped to a Virtual Machine RBAC role. You can create a custom role through a manifest and use Palette's RoleBinding feature to associate the users or groups with the role. Refer to the Create Role Bindings guide to learn more.
  • A namespace for VMs. Although you can deploy VMs from the default namespace, we recommend creating at least one namespace dedicated to VMs as a way to organize and manage them. To learn how to create a namespace, check out Create a Namespace.

Create the VM Dashboard

  1. Log in to Palette.
  1. Select Profiles in the left Main Menu and click the Add Cluster Profile button.
  1. Enter basic information for the profile: name, version if desired, and optional description.
  1. Select type Add-on, and click Next.
  1. In the next screen that displays, click Add New Pack, and use the following information to find the VM Dashboard pack:

    • Pack Type: System App
    • Registry: Select the registry you added.
    • Pack Name: Spectro VM Dashboard
    • Pack Version: 3.1.x or newer

    A configuration panel displays Access and Identity Provider (IDP) parameters with pre-defined default settings.

  2. Configure the dashboard.

Configure the Dashboard

The default setting for Access is Proxied, which automatically adds the Spectro Proxy pack. Changing the default may require some additional configuration.

The default setting for Identity Provider is Palette. All IDP options require you to map a set of users or groups to a Kubernetes RBAC role.

We recommend using the pack defaults. Default settings provide best practices for your clusters. Changing the default settings can introduce misconfigurations. Carefully review the changes you make to a pack.

IDP options are as follows:

  • Palette: This setting makes Palette the IDP, so any user with a Palette account in the tenant and the proper permissions to view and access the project's resources can log into the Kubernetes dashboard.
  • Inherit from Tenant: This setting requires you to configure OpenID Connect (OIDC) in Tenant Settings. In Tenant Admin scope, navigate to Tenant Settings > SSO, choose OIDC, and provide your third-party IDP details. For more information, check out the SSO Setup guide.
  • Specified on Kubernetes layer: This setting requires you to configure OIDC manually in the Kubernetes pack. Refer to Use RBAC With OIDC for more information.


You can validate the profile is created.

  1. Navigate to Profiles from the left Main Menu.
  1. Locate the newly created profile in the list.

Next Steps

You can now apply the profile to your cluster. Enable Spectro VM Dashboard guides you in applying the profile so you can access the dashboard.