openstack team mailing list archive

Thread
Date

Re: [Metering] External API definition

To: Nick Barcet <nick.barcet@xxxxxxxxxxxxx>
From: Doug Hellmann <doug.hellmann@xxxxxxxxxxxxx>
Date: Wed, 9 May 2012 11:36:10 -0400
Cc: openstack@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4FA9BDC6.4050406@canonical.com>

On Tue, May 8, 2012 at 8:43 PM, Nick Barcet <nick.barcet@xxxxxxxxxxxxx>wrote:

> On 05/08/2012 11:39 AM, Doug Hellmann wrote:
> [..]
> >     * Requests must be authenticated (separate from keystone, or only
> linked
> >     to accounting type account)
> >
> >
> > What is the motivation for authenticating with a service other than
> > keystone?
>
> The only thing I am trying to express here is that that profiles that
> have access to other OpenStack components should not necessarily have
> access to metering information.  This information should be accessible
> only a few select users which group may or may not intersect with users
> stored in Keystone already.
>

I see. Is it enough to say that the API is meant for "admin" users only, or
does that still imply more access than we want to grant?


>
> Nick
>
>
>

Follow ups

Re: [Metering] External API definition
From: Nick Barcet, 2012-05-09

References

[Metering] External API definition
From: Nick Barcet, 2012-05-08
Re: [Metering] External API definition
From: Doug Hellmann, 2012-05-08
Re: [Metering] External API definition
From: Nick Barcet, 2012-05-09