Public bug reported: Changing a resource's domain_id, specially a project, is not something we want, as discussed at the last topic of: http://eavesdrop.openstack.org/meetings/keystone/2015/keystone.2015-07-21-18.01.log.html
This could cause some security problems as well as hierarchy's inconsistency, once it'll require the whole hierarchy to be changed, when changing a parent project's domain_id. We shall deprecate the 'domain_id_immutable' property (https://github.com/openstack/keystone/blob/master/etc/keystone.conf.sample#L66) to remove it in the future and for now, show a warning if it is set false. ** Affects: keystone Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Keystone. https://bugs.launchpad.net/bugs/1479452 Title: Changing resource's domain_id should not be possible Status in Keystone: New Bug description: Changing a resource's domain_id, specially a project, is not something we want, as discussed at the last topic of: http://eavesdrop.openstack.org/meetings/keystone/2015/keystone.2015-07-21-18.01.log.html This could cause some security problems as well as hierarchy's inconsistency, once it'll require the whole hierarchy to be changed, when changing a parent project's domain_id. We shall deprecate the 'domain_id_immutable' property (https://github.com/openstack/keystone/blob/master/etc/keystone.conf.sample#L66) to remove it in the future and for now, show a warning if it is set false. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1479452/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
