[Openstack] allow user to run single api call
Ivan Derbenev
ivan.derbenev at tech-corps.com
Thu Nov 17 15:01:48 UTC 2016
Hello all!
Is it possible to give a user (or role) an ability to run specific api call?
It's monitoring - only user, and I want to give it permissions for all %servicename% %itemname%-list calls
And changing specific policies in policy.json seems to work, but not for things like nova/cinder service-list.
So I can run service-list only when the user is admin (or after I changed context is_admin in policy.json)
Can I somehow allow user to run ONLY nova service-list?
More information about the Openstack
mailing list