[cinder][ops][docs][keystone] policy configuration howto
Ben Nemec
openstack at nemebean.com
Thu Dec 13 14:08:16 UTC 2018
cc Keystone. It would be interesting to know how this fits in with the
new default roles work.
On 12/12/18 8:21 PM, Brian Rosmaita wrote:
> At last week's cinder meeting (5 December) we had a discussion about
> policy checks at the database layer. While these checks seem to make it
> difficult to perform some policy configurations, there are too many of
> them to simply remove them without impacting stability given our current
> test coverage (at least that's my feeling). Additionally, it's possible
> to handle the proposed use case (a read-only administrator) without
> making any code changes. So we decided to fix this issue by documenting
> how this could work.
>
> I've got a patch up for the documentation. I've flagged this email for
> cinder people to read for accuracy, operators to read to make sure the
> instructions are clear and detailed, and docs people to read for
> felicity of expression. Please leave comments on the patch:
>
> https://review.openstack.org/#/c/624424/
>
> cheers,
> brian
>
More information about the openstack-discuss
mailing list