[openstack-dev] Neutron and ACLs

Rich Wellner rkw at objenv.com
Wed Apr 8 16:02:16 UTC 2015

Hello everyone,

I (and my sponsor) are interested in adding ACLs to neutron and after 
trying IRC, emailing some githubbers directly and asking in a couple 
other places I've been told that this might be the place to have the 

Here's what I've been told so far:

1) There was a proposal for Quantum ACLs that was never approved.

2) There might be a push to put ACLs in Keystone and have other services 
depend on this central resource for ACL information.

3) Swift has ACLs built into it (notably, not using Keystone)

4) I don't see ACLs in any service other than Swift.

So my question is: How can I meaningfully engage with the right people 
to understand what the current thoughts are for ACLs for all of open 
stack as well as Neutron?

If you google my name and open source you'll see that I've been in the 
game a while and have worked in a few different communities. As such, I 
found one piece of advice I was given while researching Neutron "code up 
your proposal and submit it" to be a bit naive. It's clear there have 
been some conversations about this in the past and I would really not 
want to spend a couple months starting from zero, coming up with a 
solution that *I* like and is objectively good but have it rejected 
because the community already has inertia going in a different direction.

So what I think I need to understand is something like:

o What are the current thoughts on ACLs globally and with regard to Neutron
o What people should I engage with (both for neutron and other services 
like keystone)

Thanks in advance to all who reply.


More information about the OpenStack-dev mailing list