Hi all,

I have created a role (project_admin) and have given access to anyone with that role to be allowed delete VM's in their group/project. I am trying to allow that user to now add or remove users in the domain but I can't seem to figure it out. I have edited the /etc/keystone/policy.yaml and added role:project_admin to the create user rule.

Is this the way I should be doing it? Or does anyone have any advice? Thanks in advance and happy Friday :)

Regards,

Derek