Some questions:
- Is there a concept of generic permission (any action, any resource etc.)?
There shouldn't be a need to define hundreds of explicit permissions for admin
account.
- I think it would be good to have a notion of parent policy. This will avoid
duplication of permissions.
- Can
On Jan 21, 2014, at 10:57 PM, Prachi Damle prachi.da...@citrix.com wrote:
Min and myself would like to propose an identity and access management plugin
for CloudStack for the ACS 4.4 release.
Here is the functional spec we have drafted for the first phase:
of control and information to save.
-
Thanks,
Rajani
From: Prachi Damle [prachi.da...@citrix.com]
Sent: Wednesday, January 22, 2014 3:27 AM
To: dev@cloudstack.apache.org
Subject: [Proposal]CloudStack IAM plugin feature (CLOUDSTACK-5920)
Min and myself would
Hi Koushik,
See my answers in line.
Thanks.
-min
On 1/22/14 12:30 AM, Koushik Das koushik@citrix.com wrote:
Some questions:
- Is there a concept of generic permission (any action, any resource
etc.)? There shouldn't be a need to define hundreds of explicit
consider figuring out a way to categorize APIs
to that level.
-
Thanks,
Rajani
From: Prachi Damle [prachi.da...@citrix.com]
Sent: Wednesday, January 22, 2014 3:27 AM
To: dev@cloudstack.apache.org
Subject: [Proposal]CloudStack IAM plugin feature
-Original Message-
From: Min Chen [mailto:min.c...@citrix.com]
Sent: Wednesday, January 22, 2014 10:16 AM
To: dev@cloudstack.apache.org
Subject: Re: [Proposal]CloudStack IAM plugin feature (CLOUDSTACK-5920)
Hi Rajani,
See my answers in line.
Thanks
On 1/22/14 6:29 AM
-Original Message-
From: sebgoa [mailto:run...@gmail.com]
Sent: Wednesday, January 22, 2014 12:41 AM
To: dev@cloudstack.apache.org
Subject: Re: [Proposal]CloudStack IAM plugin feature (CLOUDSTACK-5920)
On Jan 21, 2014, at 10:57 PM, Prachi Damle prachi.da...@citrix.com wrote:
Min
Min and myself would like to propose an identity and access management plugin
for CloudStack for the ACS 4.4 release.
Here is the functional spec we have drafted for the first phase:
https://cwiki.apache.org/confluence/display/CLOUDSTACK/CloudStack+Identity+and+Access+Management+%28IAM%29+Plugin
On Tue, Jan 21, 2014 at 10:57 PM, Prachi Damle prachi.da...@citrix.comwrote:
Min and myself would like to propose an identity and access management
plugin for CloudStack for the ACS 4.4 release.
Here is the functional spec we have drafted for the first phase:
SAML 2.0 is not precluded with this design, it seems.
I found the FS both confusing and illuminating. I think what confuses me
is the interchange of 'acl', 'iam' and 'policy'.
Especially since ACL is used in the networking context.
IMO, renaming the tables and APIs to not use ACL but IAM would
Also not clear on how the dedicateXyZ problem is being solved in Phase1
(or not).
Can I (end user) create a VPC and allow user Bob to create VMs in my VPC?
On 1/21/14 4:20 PM, Chiradeep Vittal chiradeep.vit...@citrix.com wrote:
SAML 2.0 is not precluded with this design, it seems.
I found the FS
Some answers inline.
Prachi
-Original Message-
From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com]
Sent: Tuesday, January 21, 2014 4:20 PM
To: dev@cloudstack.apache.org
Subject: Re: [Proposal]CloudStack IAM plugin feature (CLOUDSTACK-5920)
SAML 2.0 is not precluded
12 matches
Mail list logo