Also, you might need to change OS_AUTH_URL to /v3/ or to unversioned.
Policy works only with v3 api. In v2 you are either admin or user, and
there are no policies or roles.
On 07/19/2016 10:08 PM, Boris Bobrov wrote:
Hi,
Try passing --os-identity-api-version=3 to `openstack`. Or set env
6 at 11:56 AM
To:
"openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>"
<openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>>
Subject: [openstack-dev] [Keystone]: Help needed with RBAC policies
Hi folks,
I have been trying to modify
Hi,
Try passing --os-identity-api-version=3 to `openstack`. Or set env
variable OS_IDENTITY_API_VERSION=3.
On 07/19/2016 09:56 PM, Nasim, Kam wrote:
Hi folks,
I have been trying to modify the default RBAC policies in keystone/policy.json
however my policy changes don't seem to be
Hi folks,
I have been trying to modify the default RBAC policies in keystone/policy.json
however my policy changes don't seem to be enforced.
As a quick test, I modified the identity:list_users policy to:
"identity:list_users": "role:kam",
There is no role called "kam" defined in my