[Openstack] How can I enable operation for non-admin user
Sushma Korati
sushma_korati at persistent.co.in
Tue Jun 24 08:42:56 UTC 2014
Hi Li,
As fas as I know to migrate an instance you'll need admin priviliges.
But if you want to allow this operation for normal user then might try editing /etc/nova/policy.json file and give privileges.
File: /etc/nova/policy.json
change "compute_extension:admin_actions:migrate": "rule:admin_api" to
"compute_extension:admin_actions:migrate": "rule:admin_or_owner"
Regards,
Sushma
________________________________
From: Li, Chen <chen.li at intel.com>
Sent: Tuesday, June 24, 2014 1:44 PM
To: openstack at lists.openstack.org
Subject: [Openstack] How can I enable operation for non-admin user
Hi list,
I'm working under CentOS + icehouse.
While, I have an non-admin user "demo", and I can work under this this user with basic operations.
Everything works well.
But, I also hope this user can do some admin operations, such as migrate and so on, because currently when I run command:
nova migrate ${my_instance}
I get output:
ERROR: Policy doesn't allow compute_extension:admin_actions:migrate to be performed. (HTTP 403) (Request-ID: req-698ad5b5-f1fe-48fc-b81f-a765020bf89f)
Anyone can help me ?
Thanks.
-chen
DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140624/e114ed91/attachment.html>
More information about the Openstack
mailing list