Thanks, that is just what i'm looking foor. This will only be available in the final Essex release of OpenStack right?
In regards to the side note, i was hoping to restrict that flavor to the tenant in which it was created. Although if it isn't possible, i suppose it could do no harm, assuming per tenant quotas are in place. Regards, Leander On Fri, Feb 17, 2012 at 2:50 PM, Jay Pipes <[email protected]> wrote: > On 02/17/2012 06:31 AM, Leander Bessa wrote: > >> Hello, >> >> I was wondering if it would be possible to create custom roles in >> keystone. For instance, i would like to create a role which would allow >> a project owner to create/remove flavors without the intervention of an >> admin account. >> > > I *think* this should be possible with the new policy support that was > recently added. > > Check out the /etc/nova/policy.json file. You should be able to edit that > file to customize access to specific resource actions for a new role... > (hint: look for compute_extension:**flavormanage) > > That said, policy.json is pretty undocumented, and when I wrote the doc > for Glance's similar policy.json support (http://glance.openstack.org/** > policies.html <http://glance.openstack.org/policies.html>) I knew I was > missing a lot of context. Hopefully Brian Waldon (cc'd) can provide some > more help to you. > > Sidenote, though... if you allow a custom role to create a new flavor, > would you allow anyone to launch an instance with that flavor? > > -jay > > ______________________________**_________________ > Mailing list: > https://launchpad.net/~**openstack<https://launchpad.net/~openstack> > Post to : [email protected] > Unsubscribe : > https://launchpad.net/~**openstack<https://launchpad.net/~openstack> > More help : > https://help.launchpad.net/**ListHelp<https://help.launchpad.net/ListHelp> >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
