Project-scoped app creds - Best practice

Ryan Bannon ryan.bannon at gmail.com
Thu Nov 25 22:50:10 UTC 2021


Hello all,

Relatively new to OpenStack.

To my understanding, application credentials are bound to users. Is there a
way to bind them to Projects (I assume not) or, perhaps, Groups? My naive
thought on a possible solution is that if a group has access to a Project,
a "generic" user account that everybody has access to could be used for the
application credentials. (The use case here is to not bind an app cred to
an individual who might leave the organization, thus making the app cred
secret lost.)

Thanks,

Ryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20211125/c1537b62/attachment-0001.htm>


More information about the openstack-discuss mailing list