On 6/13/22 8:29 AM, Adivya Singh wrote:
> hi Team,
>
> Any thoughts on this
H Adivya,
Please supply some more information, for example:
- which openstack release you are using
- the full API request you are making to modify the image
- the full API response you receive
- whether the user with "role:user" is in the same project that owns the
image
- debug level log extract for this call if you have it
- anything else that could be relevant, for example, have you modified
any other policies, and if so, what values are you using now?
Also bear in mind that the default policy_file name is "policy.yaml" (not .json). You either
need to provide a policy.yaml file, or override the policy_file setting if you really want to
use policy.json.
Alan
cheers,
brian
>
> Regards
> Adivya Singh
>
> On Sat, Jun 11, 2022 at 12:40 AM Adivya Singh <adivya1.singh@gmail.com
> <mailto:adivya1.singh@gmail.com>> wrote:
>
> Hi Team,
>
> I have a use case where I have to give a user restriction on
> updating the image properties as a member.
>
> I have created a policy Json file and give the modify_image rule to
> the particular role, but still it is not working
>
> "modify_image": "role:user", This role is created in OpenStack.
>
> but still it is failing while updating properties with a
> particular user assigned to a role as "access denied" and
> unauthorized access
>
> Regards
> Adivya Singh
>