[Openstack-operators] Dynamic Policy for Access Control

Adam Young ayoung at redhat.com
Mon Feb 23 15:44:34 UTC 2015

"Admin can do everything!"  has been a common lament, heard for multiple 
summits.  Its more than just a development issue.  I'd like to fix 
that.  I think we all would.

I'm looking to get some Operator input on the Dynamic Policy issue. I 
wrote up a general overview last fall, after the Kilo summit:


Some of what I am looking at is:  what are the general roles that 
Operators would like to have by default when deploying OpenStack?

I've submitted a talk about policy for the Summit:

If you want, please vote for it, but even if it does not get selected, 
I'd like to discuss Policy with the operators at the summit, as input 
to  the Keystone development effort.

Feedback greatly welcome.

More information about the OpenStack-operators mailing list