David Matteson created CLOUDSTACK-5136:
------------------------------------------
Summary: Domain admin cannot create accounts/users.
Key: CLOUDSTACK-5136
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5136
Project: CloudStack
Issue Type: Improvement
Security Level: Public (Anyone can view this level - this is the default.)
Components: API
Affects Versions: 4.2.0
Reporter: David Matteson
Fix For: Future
Currently a Domain Admin cannot create accounts. This means that allowing
Reselling of CloudStack services is not really viable at the moment since any
Resellers won't be able to create accounts for their customers, unless we give
that Reseller ROOT admin access. Which is obviously not ideal.
Since Domain Admin already exists as an established access level, and adding
more functionality that they currently don't have would possibly negatively
impact people who are relying on it in production, perhaps a new level of admin
is needed between Domain and ROOT?
This new tier that would facilitate Reseller accounts would need everything
Domain Admins have plus CreateAccount/CreateUser for their domain and Usage
Record access for their domain.
Obviously even better than this would be an admin tier where you could specify
what they had access to but that's obviously more complicated.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
