Hi Sam, is what you're trying to do tantamount to creating a port on a network whose tenant_id is different from the network's tenant_id? We have at the moment a fairly strict ownership check - which does not allow even admin users to do this operation.
I do not have a strong opinion against relaxing the check, and allowing admin users to create ports on any network - I don't think this would constitute a potential vulnerability, as in neutron is someone's manages to impersonate an admin user, he/she can make much more damage. Salvatore On 31 July 2013 16:11, Samuel Bercovici <[email protected]> wrote: > Hi All,**** > > ** ** > > We are providing load balancing services via virtual machines running > under an admin tenant that needs to be connected to VMs attached to a > non-shared/private tenant network.**** > > The virtual machine fails to be provisioned connected to the private > tenant network event if it is provisioned using the admin user which has > admin role on both tenants. **** > > Please advise?**** > > ** ** > > Best Regards,**** > > -Sam.**** > > ** ** > > _______________________________________________ > OpenStack-dev mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > >
_______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
