yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1245435] Re: Unable to remove aws key as normal user

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Wed, 04 Dec 2013 09:33:45 -0000
Reply-to: Bug 1245435 <1245435@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Fix Committed => Fix Released

** Changed in: keystone
    Milestone: None => icehouse-1

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1245435

Title:
  Unable to remove aws key as normal user

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  In devstack as normal user I'm able to create a bunch of AWS key pair. But I'm unable to delete those AWS key pair
  as normal user. Below are the commands :
  fabien@devstack-1:~$ . openrc demo demo
  fabien@devstack-1:~/devstack$ keystone ec2-credentials-create
  +-----------+----------------------------------+
  |  Property |              Value               |
  +-----------+----------------------------------+
  |   access  | 11fcd9628779482f9b7971ec0bc69359 |
  |   secret  | 4c7aa22f89ba49ce8de67512abf513df |
  | tenant_id | 53f4610540fd4be7938e65f4c9567e25 |
  |  user_id  | 970acc126501440b9bb60b5494b6460c |
  +-----------+----------------------------------+
  fabien@devstack-1:~/devstack$ keystone ec2-credentials-get --access 11fcd9628779482f9b7971ec0bc69359
  +-----------+----------------------------------+
  |  Property |              Value               |
  +-----------+----------------------------------+
  |   access  | 11fcd9628779482f9b7971ec0bc69359 |
  |   secret  | 4c7aa22f89ba49ce8de67512abf513df |
  | tenant_id | 53f4610540fd4be7938e65f4c9567e25 |
  |  user_id  | 970acc126501440b9bb60b5494b6460c |
  +-----------+----------------------------------+
  fabien@devstack-1:~/devstack$ keystone ec2-credentials-delete --access 11fcd9628779482f9b7971ec0bc69359
  Unable to delete credential: Could not find credential, 11fcd9628779482f9b7971ec0bc69359. (HTTP 404)

  As admin user the deletion work as expected:
  fabien@devstack-1:~$ . openrc admin admin
  fabien@devstack-1:~/devstack$ . openrc admin admin
  fabien@devstack-1:~/devstack$ keystone ec2-credentials-delete --access 11fcd9628779482f9b7971ec0bc69359
  Credential has been deleted.

  Is this the normal behavior ?

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1245435/+subscriptions