Public bug reported: The example keystone v3 policy file should allow domain admin to get it's domain.
https://github.com/openstack/keystone/blob/master/etc/policy.v3cloudsample.json#L32 - "identity:get_domain": "rule:cloud_admin", + "identity:get_domain": "rule:cloud_admin or rule:admin_and_matching_domain_id", >From horizon this will give the Domain Admin a read only view of the Domain >containing the following data. Name Description Domain ID Enabled ** Affects: keystone Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Keystone. https://bugs.launchpad.net/bugs/1480480 Title: keystone v3 example policy file should allow domain admin to get it's current domain Status in Keystone: New Bug description: The example keystone v3 policy file should allow domain admin to get it's domain. https://github.com/openstack/keystone/blob/master/etc/policy.v3cloudsample.json#L32 - "identity:get_domain": "rule:cloud_admin", + "identity:get_domain": "rule:cloud_admin or rule:admin_and_matching_domain_id", From horizon this will give the Domain Admin a read only view of the Domain containing the following data. Name Description Domain ID Enabled To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1480480/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
