openstack team mailing list archive

[Greg <gholt@xxxxxxxxxxxxx>]

If it's any help, Swift just uses an opaque account string. With Cloud Files we have several resellers each with their own sets of how accounts and users should be structured. We backed away quickly from all that and went the route of "here's an account identifier value, it must be unique amongst your accounts" for each reseller.

This doesn't prevent us from allowing access controls, etc. as the authentication system can return a list of groups (or roles, or w/e, these are opaque strings to us too).

Even if Swift had the functionality for mapping org structures, I can't imagine our resellers would want to mirror that over to us, it's hard enough to maintain in one system.