Hi Lee, No, currently only an admin user can create something with a different tenant_id by default. The issue with validating the tenant_id is we need to involve keystone in order to check if the tenant_id is valid (which will cause things to slow down). I believe this question has already come up on the list before if you want to search the archive. This issue isn't specific to just security_groups in neutron its allowed with all neutron resources. Aaron On Tue, Apr 1, 2014 at 1:58 AM, 黎林果 <lilinguo8212 at gmail.com> wrote: > Hi, > all > > Such as the subject, there is no mechanism to check the tenant_id, Do > you think it is necessary? > > > Thanks! > > Lee Li > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140402/357a8e29/attachment.html>