Open Stack

Hi Li,

As fas as I know to migrate an instance you'll need admin priviliges.
But if you want to allow this operation for normal user then might try editing /etc/nova/policy.json file and give privileges.

File: /etc/nova/policy.json
change "compute_extension:admin_actions:migrate": "rule:admin_api" to
"compute_extension:admin_actions:migrate": "rule:admin_or_owner"


Regards,
Sushma



________________________________
From: Li, Chen <chen.li at intel.com>
Sent: Tuesday, June 24, 2014 1:44 PM
To: openstack at lists.openstack.org
Subject: [Openstack] How can I enable operation for non-admin user

Hi list,

I'm working under CentOS + icehouse.

While, I have an non-admin user "demo", and I can work under this this user with basic operations.
Everything works well.

But, I also hope this user can do some admin operations, such as migrate and so on, because currently when I run command:
nova migrate ${my_instance}
I get output:
ERROR: Policy doesn't allow compute_extension:admin_actions:migrate to be performed. (HTTP 403) (Request-ID: req-698ad5b5-f1fe-48fc-b81f-a765020bf89f)

Anyone can help me ?

Thanks.
-chen

DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140624/e114ed91/attachment.html>