Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Is this a scenario where, if the keypair is created by one user of a tenant, it cannot be deleted by another user of the same tenant? Are there openstack resources that are owned by specific users of the tenant, and can only be deleted by the same user that created it?

Is this I have also run into a somewhat related scenario where, if the keypair is created by one user that I thought might be useful to mention here. If user-1 of tenant-a runs a tenant, heat stack that creates a keypair, it cannot be deleted by another user of the same tenant? tenant due to issues revolving around the management/ownership of security keypair. Are there openstack resources that are owned by specific users There is a bug report for this issue: https://bugs.launchpad.net/heat/+bug/1308834

I have tested this in Juno 2014.2.1, and the deletion of the tenant, stack created by user-1 works for user-2, but it seems the keypair that was originally created by user-1 from with-in the heat stack does not get deleted and can only be deleted by remains associated with user-1. This may cause problems down the same user that created it?road if user-1 tries to rerun the heat stack since it will fail to create the keypair, since it already exists.

I have also run into a somewhat related scenario that I thought might be useful to mention here. If user-1 of tenant-a runs a heat stack that creates a keypair, it cannot be deleted by another user of the same tenant due to issues revolving around the management/ownership of security keypair. There is a bug report for this issue: https://bugs.launchpad.net/heat/+bug/1308834

The change made by this bug report seems to be part of Juno 2014.2. I have tested this in Juno 2014.2.1, and the deletion of the stack created by user-1 now works for user-2, but it seems the keypair that was originally created by user-1 from with-in the heat stack does not get deleted and remains associated with user-1. This may cause problems down the road if user-1 tries to rerun the heat stack since it will fail to create the keypair, since it already exists.