[openstack-dev] [heat] [horizon] why is heat service-list limited to 'admin project?
Akihiro Motoki
amotoki at gmail.com
Wed Sep 21 07:30:05 UTC 2016
Hi,
The default policy.json provided by heat limits 'service-list' API to
'admin' project like below.
Is there any reason 'admin' role user in non-'admin' project cannot
see service-list?
"service:index": "rule:context_is_admin",
"context_is_admin": "role:admin and is_admin_project:True",
I noticed this when investigating a horizon bug
https://bugs.launchpad.net/horizon/+bug/1624834.
horizon currently has a bit different policy engine and it does not
support is_admin_project:True.
We would like to know the background of this default configuration.
Thanks,
Akihiro
More information about the OpenStack-dev
mailing list