[neutron] Drivers meeting agenda - 19.03.2021
skaplons at redhat.com
Fri Mar 19 07:31:06 UTC 2021
Dnia piątek, 19 marca 2021 08:20:13 CET Slawek Kaplonski pisze:
> First of all sorry for sending it so late - I simply forgot to send this
> yesterday :)
> For today's drivers meeting we have 1 RFE to discuss:
> * https://bugs.launchpad.net/neutron/+bug/1904559 - it is continuation of
> discussion from last week. Michael Johnson from Designate team provided his
> feedack on it so I think that based on that we can make final decision about
> that RFE on our today's meeting.
> Slawek Kaplonski
> Principal Software Engineer
> Red Hat
One more thing. I would also want to talk about patch .
Long story short problem which we have with that is that with new secure rbac
policies we have personas like SYSTEM_ADMIN and PROJECT_ADMIN. SYSTEM_ADMIN
don't have any project_id in context.
We set some policies like e.g. create network with provider:physical_network
given to be available only for SYSTEM_ADMIN user. And the issue with that is
that such SYSTEM_ADMIN user needs to always pass --project_id as a parameter
if wants to create such network as network has to have owner and there is no
project_id in context of such request.
And my question for discussion is: should we relax our default policies as
patch  proposes or not. We discussed that on last team meeting on Tuesday
but I'm still not convinced if we should really do it. So I want to discuss
that once again today :)
Principal Software Engineer
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: This is a digitally signed message part.
More information about the openstack-discuss