[openstack-dev] [Oslo] Policy's persistence layer
Flavio Percoco
flavio at redhat.com
Fri May 3 15:52:42 UTC 2013
On 03/05/13 09:20 -0500, Dolph Mathews wrote:
> This API was implemented in keystone in grizzly for centralized policy
> storage:
> [1]https://github.com/openstack/identity-api/blob/master/openstack-identity-api/src/markdown/identity-api-v3.md#create-policy-post-policies
Interesting.
How is it meant to be used throughout OpenStack?
Do services need to load policies from that API when they are started?
It's a shame it hasn't been proposed to be integrated in Oslo. Any plans for that?
TBH, I think policies must be managed by the application itself
instead of storing them in a separated service. What happens if
someone wants to deploy Glance without keystone but still have
centralized policies? (Maybe I'm just looking at it from the wrong
angle). I'd rather use a lib like like oslo.policy
Hopefully, I didn't misunderstand how that API is meant to be used.
Thanks for the feedback
FF
--
{ name: "Flavio Percoco",
gpg: "87112EC1",
internal: "8261386",
phone: "+390687502386",
irc: ["fpercoco", "flaper87"]}
More information about the OpenStack-dev
mailing list