GaOrtiga commented on PR #7153: URL: https://github.com/apache/cloudstack/pull/7153#issuecomment-1637909380
> @GaOrtiga > > Another scenario where sub domains are present > > Also, what will happen if an account is present under a sub domains of a domain > > Ideally, the network should get created since the subdomain is also falls under the same domain > VPC owner account Network Owner account Same Domain Could Create Expected Result Comments > Domain Admin Account under a subdomain Y N Network tier should get created see_no_evil Error: (HTTP 531, error code 4365) Account <>does not have permission to operate within domain id=51427f97-6c38-4a7d-bf1c-8cdc86232cb8 hi @kiranchavala thanks for testing. Which account did you use to run the API commands? I ran both tests twice, once using the VPC owner and the other using the network owner. While running it with the VPC owner, both creations were successful. When running it with network owner I had the same results as you, however I do believe this is the correct outcome, since these accounts should not be able to access the the domain admin's resources such as the VPC. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
