-dev]
[keystone][nova][cinder][glance][neutron][horizon][policy] defining admin-ness
I'd like to fill in a little more context here. I see three options with the
current two proposals.
Option 1
Use a special admin project to denote elevated privileges. For those unfamiliar
with the approach
On 25/05/17 07:47, Lance Bragstad wrote:
> *Option 2*
>
> Implement global role assignments in keystone.
> /
> /
> /How it works:/
> /
> /
> Role assignments in keystone can be scoped to global context. Users
> can then ask for a globally scoped token
>
> Pros:
> - This approach represents a
I'd like to fill in a little more context here. I see three options with
the current two proposals.
*Option 1*
Use a special admin project to denote elevated privileges. For those
unfamiliar with the approach, it would rely on every deployment having an
"admin" project defined in configuration
Hey all,
To date we have two proposed solutions for tackling the admin-ness issue we
have across the services. One builds on the existing scope concepts by
scoping to an admin project [0]. The other introduces global role
assignments [1] as a way to denote elevated privileges.
I'd like to get