yahoo-eng-team team mailing list archive

[Florian Faltermeier <1931571@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

In keystone, if I grant someone the reader role on a project the
readonly (role reader) user is able to create a new instance within the
project.

Openstack Version: wallaby

1. Create a user within a project and add role reader to the user.
2. Login with the readonly user into the project and try to create an instance.

Florian

** Affects: nova
     Importance: Undecided
         Status: New

** Description changed:

  In keystone, if I grant someone the reader role on a project the
  readonly (role reader) user is able to create a new instance within the
  project.
  
  Openstack Version: wallaby
  
  1. Create a user within a project and add role reader to the user.
- 2. Login with the readonly user into the project and create an instance.
+ 2. Login with the readonly user into the project and try to create an instance.
  
  Florian

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1931571

Title:
  Nova ignores reader role conventions in default policies

Status in OpenStack Compute (nova):
  New

Bug description:
  In keystone, if I grant someone the reader role on a project the
  readonly (role reader) user is able to create a new instance within
  the project.

  Openstack Version: wallaby

  1. Create a user within a project and add role reader to the user.
  2. Login with the readonly user into the project and try to create an instance.

  Florian

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1931571/+subscriptions