Public bug reported: Project resources in keystone can be tagged with endpoints. Operations for managing project endpoints should only be managed by system administrators and not project-level or domain-level users.
The policies that protect the project endpoints should understand system-scope [0]. [0] https://opendev.org/openstack/keystone/src/commit/18e0080af3dcc0a96ff5d98aeb5f517080a35fb2/keystone/common/policies/project_endpoint.py#L19-L66 ** Affects: keystone Importance: Undecided Assignee: Vishakha Agarwal (vishakha.agarwal) Status: New ** Changed in: keystone Assignee: (unassigned) => Vishakha Agarwal (vishakha.agarwal) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1844664 Title: Project Endpoints should account for system scopes Status in OpenStack Identity (keystone): New Bug description: Project resources in keystone can be tagged with endpoints. Operations for managing project endpoints should only be managed by system administrators and not project-level or domain-level users. The policies that protect the project endpoints should understand system-scope [0]. [0] https://opendev.org/openstack/keystone/src/commit/18e0080af3dcc0a96ff5d98aeb5f517080a35fb2/keystone/common/policies/project_endpoint.py#L19-L66 To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1844664/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
