[Openstack-security] [Bug 1391504] Change abandoned on nova (master)
OpenStack Infra
1391504 at bugs.launchpad.net
Mon Jun 22 13:59:20 UTC 2015
Change abandoned by John Garbutt (john at johngarbutt.com) on branch: master
Review: https://review.openstack.org/123428
Reason: this appears to have little attention, so I am assuming the submitter is no longer working on this, so abadongin this for now. please restore this if you want to work on it again.
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1391504
Title:
Sample policies for Openstack
Status in Cinder:
Triaged
Status in OpenStack Image Registry and Delivery Service (Glance):
In Progress
Status in OpenStack Identity (Keystone):
Confirmed
Status in OpenStack Neutron (virtual network service):
In Progress
Status in OpenStack Compute (Nova):
Confirmed
Bug description:
Regarding OpenStack policies, in general, the described roles seem
quite complicated, it is not clear which roles are appropriated for
each user. For example, in many policies it is defined just a global
admin role. We would like to clarify what are the role organizations,
for example, cloud_admin is the role for the cloud managers,
domain_admin is the role for the domain managers, project_admin for
the project admin and project_member a member with a role in a project
but with no admin permissions. In this way, it is clear for the cloud
manager which capability is being given to a user. The idea is create
a policy.cloudsample.json, where roles as cloud_admin project_admin,
and project_member will be defined and some default permissions,
making policies closer to the business reality.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1391504/+subscriptions
More information about the Openstack-security
mailing list