-dev]
[keystone][nova][cinder][glance][neutron][horizon][policy] defining admin-ness
I'd like to fill in a little more context here. I see three options with the
current two proposals.
Option 1
Use a special admin project to denote elevated privileges. For those unfamiliar
with the approac
On 25/05/17 07:47, Lance Bragstad wrote:
> *Option 2*
>
> Implement global role assignments in keystone.
> /
> /
> /How it works:/
> /
> /
> Role assignments in keystone can be scoped to global context. Users
> can then ask for a globally scoped token
>
> Pros:
> - This approach represents a mo
I'd like to fill in a little more context here. I see three options with
the current two proposals.
*Option 1*
Use a special admin project to denote elevated privileges. For those
unfamiliar with the approach, it would rely on every deployment having an
"admin" project defined in configuration [0
Hey all,
To date we have two proposed solutions for tackling the admin-ness issue we
have across the services. One builds on the existing scope concepts by
scoping to an admin project [0]. The other introduces global role
assignments [1] as a way to denote elevated privileges.
I'd like to get som