Hi,


I started looking at the S-RBAC today and for the phase 3 [1] especially. My question is - do we have agreement how this MANAGER will look like? In the linked document there is only info that keystone's spec [2] will have to be changed but I'm not sure if this is final now and if we can/should start thinking and implementing policies for the MANAGER role or not yet.


[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#phase-3

[2] https://review.opendev.org/c/openstack/keystone-specs/+/818603


--

Slawek Kaplonski

Principal Software Engineer

Red Hat