答复: [lists.openstack.org代发][question][placement][rest api][403]
Brin Zhang(张百林)
zhangbailin at inspur.com
Mon Aug 19 06:28:25 UTC 2019
> > On 8/15/2019 1:09 AM, 崔恒香 wrote:
> > This is my problem with placement rest api.(Token and endpoint were
> > OK)
> >
> > {"errors": [{"status": 403,
> > "title": "Forbidden",
> > "detail": "Access was denied to this resource.\n\n Policy does not
> > allow placement:resource_providers:list to be performed. ",
> > "request_id":
> > "req-5b409f22-7741-4948-be6f-ea28c2896a3f"
> > }]}
> On 8/16/2019 3:24 PM, Matt Riedemann wrote:
> This doesn't give much information. Does the token have the admin role in it? Has the placement:resource_providers:list
> policy rule been changed from the default (rule:admin_api)?
As Matt said, you should check you policy limit for your request user, it’s default role is “rule:admin_api” [1]. If your authenticated user is not admin, then the 403 error is normal.
[1] https://github.com/openstack/placement/blob/master/placement/handlers/resource_provider.py#L178
https://github.com/openstack/placement/blob/master/placement/policies/resource_provider.py#L51
发件人: 崔恒香 [mailto:chx769467092 at 163.com]
发送时间: 2019年8月15日 13:21
收件人: openstack-discuss at lists.openstack.org
主题: [lists.openstack.org代发][question][placement][rest api][403]
This is my problem with placement rest api.(Token and endpoint were OK)
{"errors": [{"status": 403,
"title": "Forbidden",
"detail": "Access was denied to this resource.\n\n Policy does not allow placement:resource_providers:list to be performed. ",
"request_id": "req-5b409f22-7741-4948-be6f-ea28c2896a3f"
}]}
Regards,
Cuihx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190819/da36de0d/attachment-0001.html>
More information about the openstack-discuss
mailing list