[openstack-dev] [TripleO][keystone] Pt. 2 of Passing along some field feedback
lbragstad at gmail.com
Thu Jun 29 02:24:19 UTC 2017
On 06/28/2017 03:20 PM, Ben Nemec wrote:
> On 06/28/2017 02:47 PM, Lance Bragstad wrote:
>> On 06/28/2017 02:29 PM, Fox, Kevin M wrote:
>>> I think everyone would benefit from a read-only role for keystone
>>> out of the box. Can we get this into keystone rather then in the
>>> various distro's?
>> Yeah - I think that would be an awesome idea. John Garbutt had some good
>> work on this earlier in the cycle. Most of it was documented in specs
>>  . FWIW - this will be another policy change that is going to have
>> cross-project effects. It's implementation or impact won't be isolated
>> to keystone if we want read-only roles out-of-the-box.
>>  https://review.openstack.org/#/c/427872/19
>>  https://review.openstack.org/#/c/428454/
> Cool, I will point our folks at those specs. I know doing a custom
> read-only role has been pretty painful, so I expect they would be very
> happy if this functionality could become standard.
Absolutely - it would be awesome to provide some standard roles out of
the box (at least for the sake of interoperability). I'm happy to help
in any way I can. We also have the weekly policy meeting that's focused
on nailing down cross-project issues with policy .
> Thanks for the replies.
> OpenStack Development Mailing List (not for usage questions)
> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the OpenStack-dev