See the commit that just merged:
https://review.openstack.org/#/c/240719/
You could create a role called "observer" or "auditor" on the admin
project, and modify the policy files for the services you want so that
users with "auditor" with tokens that have "is_admin_project" set can
read the data for that API.
Can you enumerate the APIS you want to call this way?
this will probably need a patch in ceilometer. it currently is
configured to limit results to a matching project of user. if this
functionality is required, you should raise it on dev list or as a bug.
cheers,
--
gord
_______________________________________________
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators