Hi,
I started looking at the S-RBAC today and for the phase 3 [1] especially. My question is - do we have agreement how this MANAGER will look like? In the linked document there is only info that keystone's spec [2] will have to be changed but I'm not sure if this is final now and if we can/should start thinking and implementing policies for the MANAGER role or not yet.
[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#phase-3
[2] https://review.opendev.org/c/openstack/keystone-specs/+/818603
--
Slawek Kaplonski
Principal Software Engineer
Red Hat