[Openstack] Federated Identity Management (bursting and zones)

Sandy Walsh sandy.walsh at RACKSPACE.COM
Wed Mar 30 22:10:22 UTC 2011


From: Jay Pipes [jaypipes at gmail.com]

> Come to think of it, there's no reason that role A would need to have similar privileges in
zones X and Y. More likely than not, they would have different
privileges, and therefore a federated authz service wouldn't really
make sense.

I see your point, I was thinking at the Rights level, not Roles/Groups, and envisioning Rights like: 

can_boot_os=windows;linux
can_boot_flavor=tiny;small;medium
can_migrate_outside_zone=True
maximum_ram_size=512m

Certainly, we could have pre-established Rights just as we would have common Roles/groups.

-S


Confidentiality Notice: This e-mail message (including any attached or
embedded documents) is intended for the exclusive and confidential use of the
individual or entity to which this message is addressed, and unless otherwise
expressly indicated, is confidential and privileged information of Rackspace.
Any dissemination, distribution or copying of the enclosed material is prohibited.
If you receive this transmission in error, please notify us immediately by e-mail
at abuse at rackspace.com, and delete the original message.
Your cooperation is appreciated.





More information about the Openstack mailing list