[nova][glance] Granting image member access for snapshots (bug 1675791)
William M Edmonds
edmondsw at us.ibm.com
Wed Jan 16 15:22:02 UTC 2019
Matt Riedemann <mriedemos at gmail.com> wrote on 01/16/2019 09:34:17 AM:
>
> One more note about this - I have not yet tested doing a snapshot of a
> volume-backed server where the admin creates the snapshot and the tenant
> user tries to create a new server from that snapshot. In that case the
> tenant user should have access to the snapshot image, but they might not
> have access to the volume snapshot so that could still fail. For that to
> work, we'd likely need to force an ownership transfer of the volume to
> the tenant user (owner of the server) I guess.
Or depend on a new cinder capability for sharing volumes across projects,
similar to how images can be shared across projects. This would be useful
for other things as well.
I do agree that in this case, forcing ownership transfer would probably be
better than sharing. In fact, I wish we could do that for images here.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190116/9691e00b/attachment.html>
More information about the openstack-discuss
mailing list