Hi Yuki,
Sounds good. The Congress team will be at Austin next week at the summit.
Most of the team will be at most of the events that you find by searching
for "Congress". Let us know if you want to meet face-to-face to discuss
further.
https://www.openstack.org/summit/austin-2016/summit-sched
Hi Tim,
Thanks.
Your information is very useful for me.
>I know someone was doing what you are proposing to implement a
sophisticated notion of quotas for Nova
I'll read later and make use of it as sample program.
>though there's been talk of a more dynamic policy.json in the past
I didn't know
Hi Yuki,
That description was very helpful. In short, policy.json doesn't work
because the person setting policy is not permitted to change policy.json
(which happens in part because policy.json has no API for controlling it).
In that case, using Congress makes sense. I know someone was doing w
Hi Masahito, Tim.
Thanks for your messages.
>> btw, I added [Congress] prefix in the subject.
Firstly thanks for your point, I'm beginner openstacker. So this
information is very useful.
Move to main topic.
>So as Masahito mentioned, if you provide more details about your use case
>(in particul
Hi Yuki,
As Masahito mentioned, the usual way to authorize API calls in OpenStack is
through policy.json. If I remember right, you can make a decision about
whether an API call is permitted using (i) all the values in the API call
and (ii) the Keystone role of the user making the request. I'm no
Hi Yuki,
This sounds interesting. AFAIK, there is no similar use-case you mentioned.
On 2016/04/15 10:13, Yuki Nisiwaki wrote:
Hi openstacker working on congress.
I want to implement the authorization mechanisms for each user, not role
base.
For example, User A can change security group, But U