Hi Satish, Does user1 own the cluster? there is a check for user_id. Regards, Jake On 24/4/2024 6:13 am, Satish Patel wrote:
Folks,
I have recently deployed openstack 2023.1 using kolla-ansible and after setting up magnum I noticed the following policy error when obtaining cards. After reading [1] the policy file looks like it needs a reader role to obtain a certificate. I have assigned the "reader" role to the user but still getting the same error message and no luck.
$ openstack role add --user user1 --user-domain mydomain1 --project myproject1 reader
# Reload User Creds RC file.
$ openstack coe cluster config dev2 Policy doesn't allow certificate:get to be performed (HTTP 403) (Request-ID: req-7445ef3c-52a3-4911-97f6-1fb25d9fac1f)
What else could be wrong here?
1. https://docs.openstack.org/magnum/latest/configuration/sample-policy.html <https://docs.openstack.org/magnum/latest/configuration/sample-policy.html>