← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #25770

[Bug 1331836] Re: Advanced Services need to be able to list all networks and create/update/delete ports on other tenants's networks.

  Thread PreviousDate PreviousThread Next 
** Changed in: neutron
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1331836

Title:
  Advanced Services need to be able to list all networks and
  create/update/delete ports on other tenants's networks.

Status in OpenStack Neutron (virtual network service):
  Fix Released

Bug description:
  Today the Advanced Services e.g. DBaaS, DNSaaS, etc. need to be able
  to create/delete and update ports on a tenant's network. Today they
  can do this by  being a Global Neutron Admin. We need to create a
  policy/role/etc. that will allow a tenant to be admin for a resource.

  We need this feature to allow our Advanced services to share a
  "Neutron Provider Network" that allow them to forward logs down to the
  Centralized logging system.

  "shared" on a Network will allow all tenant to access the network. The
  keystone hierarchical tenants will not be ready any time soon.

  By implementing this feature, we are defining a new user role
  (advsvc), which will allow for the equivalent of admin rights when
  defined for specific resources. This is an easy way to add this
  functionality into the policy framework in Neutron and allow granular
  control of access to resources with this new role.

  Chatted with Mark and Kyle and I am now filling this bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1331836/+subscriptions

References

  Thread PreviousDate PreviousThread Next