[openstack-dev] Glance Image Protection Policy
masoom.alam at wanclouds.net
Thu Jul 2 07:10:42 UTC 2015
Hi every one,
The glance policy.json allows specific users/roles to download an image. If
we apply a policy on a specific role, only that role can download and/or
boot an image.
What if we want to restrict downloading an image, but at the same time
allowing the user to boot it via nova boot. The catch is that we will have
to restrict the user from taking the snapshot right? Can glance can
differentiate between user downloading an image and nova doing the same on
the behalf of a user.
OR how to solve the puzzle, please guide.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev