Public bug reported:
My OpenStack version is Mitaka.
With an admin domain-scoped token, a domain admin cannot list role
assignments on the project in the domain. The error messages are:
{
"error": {
"code": 403,
"message": "You are not authorized to perform the requested action:
identity:list_role_assignments",
"title": "Forbidden"
}
}
I am currently using a workaround: adding include_subtree=true to use
"identity:list_role_assignments_for_tree".
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1630434
Title:
policy.v3cloudsample.json doesn't allow domain admin list role
assignments on project
Status in OpenStack Identity (keystone):
New
Bug description:
My OpenStack version is Mitaka.
With an admin domain-scoped token, a domain admin cannot list role
assignments on the project in the domain. The error messages are:
{
"error": {
"code": 403,
"message": "You are not authorized to perform the requested action:
identity:list_role_assignments",
"title": "Forbidden"
}
}
I am currently using a workaround: adding include_subtree=true to use
"identity:list_role_assignments_for_tree".
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1630434/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
