[openstack-dev] [Ceilometer] Event API Access Controls
Jay Pipes
jaypipes at gmail.com
Sat Aug 3 18:03:20 UTC 2013
On 08/02/2013 06:26 PM, Herndon, John Luke (HPCS - Ft. Collins) wrote:
> Hello, I'm currently implementing the event api blueprint[0], and am
> wondering what access controls we should impose on the event api. The
> purpose of the blueprint is to provide a StackTach equivalent in the
> ceilometer api. I believe that StackTach is used as an internal tool
> which end with no access to end users. Given that the event api is
> targeted at administrators, I am currently thinking that it should be
> limited to admin users only. However, I wanted to ask for input on this
> topic. Any arguments for opening it up so users can look at events for
> their resources? Any arguments for not doing so? PS -I'm new to the
> ceilometer project, so let me introduce myself. My name is John Herndon,
> and I work for HP. I've been freed up from a different project and will
> be working on ceilometer. Thanks, looking forward to working with
> everyone! -john 0:
> https://blueprints.launchpad.net/ceilometer/+spec/specify-event-api
Welcome to the contributor community, John. :) I think defaulting the
access to the service's events API endpoints to just admins makes the
most sense, and you can use the existing policy engine to make that
access configurable with the policy.json file.
Best,
-jay
More information about the OpenStack-dev
mailing list