[Openstack] Identity API v3 - Why allow multi-tenant users?
Gabriel Hurley
Gabriel.Hurley at nebula.com
Tue May 29 21:16:24 UTC 2012
Terminology:
Project == Tenant. They are equivalent in Keystone parlance.
What you're referring to as a "tenant" in that last email is the role a "domain" might play going forward in Keystone.
All the best,
- Gabriel
> -----Original Message-----
> From: openstack-bounces+gabriel.hurley=nebula.com at lists.launchpad.net
> [mailto:openstack-
> bounces+gabriel.hurley=nebula.com at lists.launchpad.net] On Behalf Of
> Caitlin Bestler
> Sent: Tuesday, May 29, 2012 11:47 AM
> To: Tim Bell; openstack at lists.launchpad.net
> Subject: Re: [Openstack] Identity API v3 - Why allow multi-tenant users?
>
> Tim Bell wrote:
>
> ➢ In the research environment, we have frequent cases where a user is
> associated with multiple tenants.
>
> > For example, when you are finishing work on a previous project but are
> mainly working on the new one.
>
> > As we move towards domain/tenant/user, we need to ensure that the
> tools support multi-tenant per user. Correct accounting is critical.
>
> > This does require extra code but it is relevant given the use cases.
>
> What you are describing strikes me as a single tenant with multiple projects.
> It is similar to a corporate environment with multiple departments.
>
> I am seeing a major problem here when the tenants are truly separate and
> the only possible administrator in common is the service provider.
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
More information about the Openstack
mailing list