[Openstack] non public glance image can seen by all tenant

Adhi Priharmanto adhi.pri at gmail.com
Fri Oct 26 04:29:27 UTC 2018


Hi,
I have setup rocky release at my openstack lab, now all of tenant (user)
can see non-public glance image create by another tenant (user)

here is my glance policy.json :

> {
>     "context_is_admin":  "role:admin",
>     "default": "role:admin",
>     "add_image": "",
>     "delete_image": "",
>     "get_image": "",
>     "get_images": "",
>     "modify_image": "",
>     "publicize_image": "role:admin",
>     "communitize_image": "",
>     "copy_from": "",
>     "download_image": "",
>     "upload_image": "",
>     "delete_image_location": "",
>     "get_image_location": "",
>     "set_image_location": "",
>     "add_member": "",
>     "delete_member": "",
>     "get_member": "",
>     "get_members": "",
>     "modify_member": "",
>     "manage_image_cache": "role:admin",
>     "get_task": "",
>     "get_tasks": "",
>     "add_task": "",
>     "modify_task": "",
>     "tasks_api_access": "role:admin",
>     "deactivate": "",
>     "reactivate": "",
>     "get_metadef_namespace": "",
>     "get_metadef_namespaces":"",
>     "modify_metadef_namespace":"",
>     "add_metadef_namespace":"",
>     "get_metadef_object":"",
>     "get_metadef_objects":"",
>     "modify_metadef_object":"",
>     "add_metadef_object":"",
>     "list_metadef_resource_types":"",
>     "get_metadef_resource_type":"",
>     "add_metadef_resource_type_association":"",
>     "get_metadef_property":"",
>     "get_metadef_properties":"",
>     "modify_metadef_property":"",
>     "add_metadef_property":"",
>     "get_metadef_tag":"",
>     "get_metadef_tags":"",
>     "modify_metadef_tag":"",
>     "add_metadef_tag":"",
>     "add_metadef_tags":""
> }


any advice how to fix this ?


-- 
Cheers,



[image: --]
Adhi Priharmanto
[image: http://]about.me/a_dhi
<http://about.me/a_dhi?promo=email_sig>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20181026/bd982693/attachment.html>


More information about the Openstack mailing list