<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 08/27/2015 02:25 AM, kevin parrikar
wrote:<br>
</div>
<blockquote
cite="mid:CAJLFrOVLHy-8vZtjCRSPmq4_Mtkr3uQpwCAtzvgE0ZiUecXLeg@mail.gmail.com"
type="cite">
<div dir="ltr"><span style="background-color:rgb(255,255,255)"><font
style="" face="verdana, sans-serif"><font color="#000000"><span
style="font-size:12.8000001907349px">i have a user whose
role was "_member_ "later changed to "heat_stack_user"
and again changed to "_member_" but now the user is not
able to do any heat commands as it returns </span></font></font></span>
<div><span style="background-color:rgb(255,255,255)"><font
style="" face="verdana, sans-serif"><font color="#000000"><span
style="font-size:12.8000001907349px">"ERROR: You are
not authorized to complete this action". for heat
stack-list and other heat commands but "nova list "is
working fine</span></font></font></span>
<div>
<div style="text-indent: -7px;"><font face="verdana,
sans-serif" color="#000000"><span
style="font-size:12.8000001907349px"><br>
</span></font></div>
<div style="text-indent: -7px;"><font face="verdana,
sans-serif" color="#000000"><span
style="font-size:12.8000001907349px">I tried adding
user to admin role </span></font></div>
<div style="text-indent: -7px;"><font face="verdana,
sans-serif" color="#000000"><span
style="font-size:12.8000001907349px"><br>
</span></font></div>
<div style="text-indent: -7px;"><font face="verdana,
sans-serif" color="#000000"><span
style="font-size:12.8000001907349px">keystone
user-role-add --user=user10 --tenant=tenant9
--role=admin </span><br>
</font></div>
<div style="text-indent: -7px;"><font face="verdana,
sans-serif" color="#000000"><span
style="font-size:12.8000001907349px"><br>
</span></font></div>
<div style="text-indent: -7px;"><font face="verdana,
sans-serif" color="#000000"><span
style="font-size:12.8000001907349px">where "user10"
is member of 2-3 tenants:</span></font></div>
<div style="text-indent: -7px;"><font face="verdana,
sans-serif" color="#000000"><span
style="font-size:12.8000001907349px"><br>
</span></font></div>
<div style="text-indent: -7px;"><font face="verdana,
sans-serif" color="#000000"><span
style="font-size:12.8000001907349px">But its still the
same even with admin role.So i suppose when i changed
the role something else also changed which i am not
able to figure out.Can somebody help me in fixing
this.<br>
</span></font></div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Mailing list: <a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a>
Post to : <a class="moz-txt-link-abbreviated" href="mailto:openstack@lists.openstack.org">openstack@lists.openstack.org</a>
Unsubscribe : <a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a>
</pre>
</blockquote>
<br>
<br>
<br>
Did you change policy?<br>
<br>
Use can have multiple roles, so admin, _member_ and heat_stack_user
(while strange) could all be assigned to the same user. You might
need both depending on your setup.<br>
</body>
</html>