[Keystone] member role with access rule can not list hypervisors details

Hemant Sonawane hemant.sonawane at itera.io
Tue Dec 13 13:43:33 UTC 2022


Hello,

Does application credentials created as member role with access rule need
any special permissions to list hypervisors via cli?
Here is the access rule i created for my application credentials

[
    {
        "path": "/v2.1/**",
        "method": "GET",
        "service": "compute"
    }
]


+--------------------------------+---------+--------+-------------------+

| ID                             | Service | Method | Path              |

+--------------------------------+---------+--------+-------------------+

| f2417b29f8394281aaa088d7c01059 | compute | POST   | /v2.1/hypervisors |

| 0cacd63becc04db086cd070db978c5 | compute | POST   | /v2.1/servers     |

| 366abc32faf543b9ab047a83eafe83 | compute | GET    | /v2.1/servers     |

| 4a4258b6a37c49f3816b708efa179f | compute | GET    | /v2.1/**          |

+--------------------------------+---------+--------+-------------------+
I tried to use other access rule too.

After sourcing the credentials if i would like to list any of the openstack
resources it simply does not work






*openstack volume list
                                                                openstack
The request you have made requires authentication. (HTTP 401)openstack
hypervisor list
                                                     The request you have
made requires authentication. (HTTP 401) (Request-ID:
req-c4532458-5606-4c85-8f93-20e61f57e2c9)*
i think this could be a bug in keystone or it might need any special
permissions with access rule.

Please help will be really appreciated.
-- 
Thanks and Regards,

Hemant Sonawane
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20221213/fcc3a99b/attachment.htm>


More information about the openstack-discuss mailing list