On 16/03/14 06:04, Clint Byrum wrote: > I think you can achieve this level of protection simply by denying > interactive users the rights to delete individual things directly, and > using stop instead of delete. Then have something else (cron?) clean up > stopped instances after a safety period has been reached.
I would be very interested in the approach to determining the optimal value for that safety period you are mentioning. Or is this going to be left as an exercise for the reader? (That is, set in the configuration, so that the users have to somehow perform this impossible task.) -- Radomir Dopieralski _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev