[openstack-dev] Authorization mechanisms for each user
Yuki Nisiwaki
uckey.1067 at gmail.com
Fri Apr 15 01:13:43 UTC 2016
Hi openstacker working on congress.
I want to implement the authorization mechanisms for each user, not role
base.
For example, User A can change security group, But User B can’t change
security group like IAM feature of AWS.
In order to achieve it,
I’m considering whether can I utilize Congress feature.
I am thinking somehow that I can achieve it by following step.
1. create policy for each user with datalog in congress
2. prepare the wsgi filter for each project that works confirming
authorization of each user to Congress.
I think this use-case is very popular and there is someone who think same
thing.
But There is no information about it in any website (blog, presentation in
summit).
So why is there anyone who achieve it?
or does this approach have anxious point?
If you are interested in this approach or think same thing, I want to know
it.
Best regards
Yuki Nishiwaki
NTT Communitions
Technology development
Cloud Core Technology Unit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160415/ba6c1c84/attachment.html>
More information about the OpenStack-dev
mailing list