Hi fellow Stackers, I am reading http://keystone.openstack.org/configuringservices.html, and it appears that for service registration, all services (or rather service users) reside within the same tenant with the same Admin role. So, if I understand it correctly, it is then possible that a service user for Nova can actually accidentally nuke an endpoint for a Glance service, for example? Don't we want isolation among services, i.e., a user owning one service may not modify another service that he/she did not create?
Thanks, Liem _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
