Hi,

A summary of the nova/keystone cross project PTG session.
Full etherpad is here:
https://etherpad.openstack.org/p/ptg-train-xproj-nova-keystone


1) Policy Refresh

Spec:
https://review.openstack.org/#/c/547850/

Notes:
* Better defaults to make policy changes easier
* Move from current to: System Admin vs Project Member
* Also add System Reader and Project Reader
** Above requires more granular policy for some APIs
** Also change DB check: system or admin, eventually drop it
* Lots of testing to avoid regressions
* Patrole may be useful, but initial focus on in-tree tests

Actions:
* johnthetubaguy to update spec
* melwitt, gmann and johnthetubaguy happy to work on these
* upload POC for testing plan


2) Unified Limits

Spec:
https://review.opendev.org/#/c/602201/

Notes:
* only move instances and resource class based quotas to keystone
* work on tooling to help operators migrate to keystone based limits
* adopt oslo.limit to enforce unified limits
* eventually we get hierarchical limits and the "per flavor" use case

Actions:
* johnthetubaguy to update the spec
* johnthetubaguy, melwitt, alex_xu happy to work on these things
* work on POC to show approach

Thanks,
johnthetubaguy