[Openstack-operators] Nova 2.1 and user permissions in the policy file
Sean Dague
sean at dague.net
Thu Jun 2 11:31:30 UTC 2016
On 05/23/2016 10:24 AM, Tim Bell wrote:
>
>
> Quick warning for those who are dependent on the "user_id:%(user_id)s"
> syntax for limiting actions by user. According to
> https://bugs.launchpad.net/nova/+bug/1539351, this behavior was
> apparently not intended according to the bug report feedback. The
> behavior has changed from v2 to v2.1 and the old syntax no longer works.
>
>
>
> There can be security implications also so I’d recommend those using
> this current v2 feature to review the bug to understand the potential
> impacts as clouds enable v2.1.
Here is the proposed nova-spec on limited changes we're considering
bringing back in. The setup language is flowery, because I was in a
flowery mood yesterday. :)
Comments are welcomed there - https://review.openstack.org/#/c/324068/
-Sean
--
Sean Dague
http://dague.net
More information about the OpenStack-operators
mailing list