yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #50895
[Bug 1487745] Re: Neutron RBAC API and network support
** Project changed: openstack-api-site => neutron
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1487745
Title:
Neutron RBAC API and network support
Status in neutron:
Confirmed
Status in openstack-manuals:
Won't Fix
Bug description:
https://review.openstack.org/192555
commit 4595899f7f2b3774dc2dac2f8dd1a085b1e7973d
Author: Kevin Benton <blak111@xxxxxxxxx>
Date: Tue Jun 16 23:43:59 2015 -0700
Neutron RBAC API and network support
This adds the new API endpoint to create, update, and delete
role-based access control entries. These entries enable tenants
to grant access to other tenants to perform an action on an object
they do not own.
This was previously done using a single 'shared' flag; however, this
was too coarse because an object would either be private to a tenant
or it would be shared with every tenant.
In addition to introducing the API, this patch also adds support to
for the new entries in Neutron networks. This means tenants can now
share their networks with specific tenants as long as they know the
tenant ID.
This feature is backwards-compatible with the previous 'shared'
attribute in the API. So if a deployer doesn't want this new feature
enabled, all of the RBAC operations can be blocked in policy.json and
networks can still be globally shared in the legacy manner.
Even though this feature is referred to as role-based access control,
this first version only supports sharing networks with specific
tenant IDs because Neutron currently doesn't have integration with
Keystone to handle changes in a tenant's roles/groups/etc.
DocImpact
APIImpact
Change-Id: Ib90e2a931df068f417faf26e9c3780dc3c468867
Partially-Implements: blueprint rbac-networks
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1487745/+subscriptions
