[Openstack-operators] [policy] [keystone] Analyzing other access-control systems

Lance Bragstad lbragstad at gmail.com
Fri Jan 5 16:53:52 UTC 2018


Hey all,

This note is a continuation of a thread we started last year on
analyzing other policy systems [0]. Now that we're back from the
holidays and having policy meetings on Wednesdays [1], it'd be good to
pick up the conversation again. We had a few good sessions a couple
months ago going through AWS IAM policy bits and contrasting it to RBAC
in OpenStack. Before we wrapped up those sessions we thought about doing
the same thing with GKE or a more technical deep dive of the IAM stuff.

Do we want to pick this back up in the next few weeks? We can use this
thread to generate discussion about what we'd like to see and jot down
ideas. It might be nice timing to get a session or two scheduled before
the PTG, where we can have face-to-face discussions.

Thoughts?


[0]
http://lists.openstack.org/pipermail/openstack-dev/2017-October/123069.html
[1] http://eavesdrop.openstack.org/#Keystone_Policy_Meeting


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20180105/e8378d94/attachment.sig>


More information about the OpenStack-operators mailing list