>From description of use case, looks like you want 'service user' to access any
>tenant resource regardless of that user has a tenant role or not and without
>explicit read assignment on that resource. This can be done via a customized
>policy where related 'get' calls are allowed access for
the whole logic of being available.
About the keyrings, How do we tackle if a service is using JSON API calls and
not python clients?
Thanks,
-Ravi.
On Tue, Jun 18, 2013 at 6:37 PM, Adam Young
ayo...@redhat.commailto:ayo...@redhat.com wrote:
On 06/18/2013 09:13 PM, Kant, Arun wrote:
The issue