Open Stack

Groups are independent of tenants.  A role reference can be used to link a
group to a tenant, much like it currently links and individual user to a
tenant.  For example I could give all users in the Nova Basic Admin group
the 'netadmin' role for Nova in tenant X.

I will not be available on the 28th but Guang can attend.

Jason

-----Original Message-----
From: Joseph Heck [mailto:heckj at mac.com] 
Sent: Friday, February 17, 2012 1:45 PM
To: Rouault, Jason (Cloud Services)
Cc: OpenStack Mailing List
Subject: Re: [Openstack] Keystone Use Cases and User Stores

Thanks Jason - 

Thats already on our list of topics to discuss more broadly at the Folsom
design summit (http://wiki.openstack.org/KeystoneFolsomSummitTopics). The
etherpad has a great deal of detail, but I think it needs some conversation
needs happen as to how it related to the RBAC discussions that we had the
Essex design summit (etherpad at http://etherpad.openstack.org/canhaz). 

>From your user stories, it's not entirely clear what a "group" concept is
getting us that isn't already in tenant when you apply RBAC. I'd like to
understand that better. Are you available on IRC to chat sometime?

If it would be easier, I'd be happy to schedule it up as a topic of
conversation in a future keystone IRC meeting. The next meeting (the 21st -
http://wiki.openstack.org/Meetings/KeystoneMeeting), but I've added it to a
talk list. Would you be available to chat on IRC on the 28th?

-joe

On Feb 17, 2012, at 12:28 PM, Rouault, Jason (Cloud Services) wrote:
> http://etherpad.openstack.org/keystone-domains
> 
> -----Original Message-----
> From: openstack-bounces+jason.rouault=hp.com at lists.launchpad.net
> [mailto:openstack-bounces+jason.rouault=hp.com at lists.launchpad.net] On 
> Behalf Of Joseph Heck
> Sent: Friday, February 17, 2012 12:59 PM
> To: OpenStack Mailing List
> Subject: [Openstack] Keystone Use Cases and User Stores
> 
> Happy Friday (hopefully it's friday when you get this...)
> 
> As keystone is getting into a new baseline, we're actively going 
> through the bug list and blueprints and re-assessing based on the 
> updated codebase. As we're getting into the details, we want to try 
> and stay as close to the road as possible with implementing features 
> and making sure the features we implement are rock solid going 
> forward. To support that, we are starting to gather use cases of the folks
actively deploying and trying to use Keystone.
> If you're using Keystone, I'd like to encourage you to take a look at 
> the wiki page:
> 
> 	http://wiki.openstack.org/KeystoneUseCases
> 
> and see if there are other use cases that you require for your deployment.
> With these use cases, and the topics that we are collecting for 
> broader discussion at the Folsom summit 
> (http://wiki.openstack.org/KeystoneFolsomSummitTopics), we are looking 
> to build out blueprints and prioritize work for the upcoming Folsom
release.
> 
> Thanks!
> 
> -joe
> (heckj)
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4854 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120217/a9b97242/attachment.bin>