Open Stack

Which version of the code are you using? This could potentially be a bug.
Can you give some more information on what goes wrong with creating an instance?
Do you get a traceback anywhere?

Vish

On Aug 2, 2012, at 1:23 PM, Mitchell Broome <mitchell.broome at gmail.com> wrote:

> I'm using essex 2012.1 and I'm running into an issue with tenant
> separation using the ec2 api.  I end up having to give a user the
> 'admin' role in keytone to create instances within a tenant.  I can
> live with that but the problem is, now that the user has 'admin', they
> also see all of the instances including ones from other tenants via a
> describe_instances().
> 
> If I only give them the 'Member' role, they can only see the instances
> within thier default tenant but they can't create instances.  Also, if
> they only have 'Member', I'm able to create instances via horizon
> manually.
> 
> I'm assuming I'm missing some combination of roles I need to setup to
> allow a users to create instances in thier default tenant but not see
> other instances in other tenants.
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp