If a user has an admin role in another domain, he can delete the instances of the other domain. Although you have created two different admins, the role "admin" remains the same.

Check the /etc/keystone/policy.json file. There you will find which roles have access to what operations. If you want to disable the settings as per your requirement, you have to add the new role in the policy.json file.
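
An added example, not part of the original answer and not Keystone's own code: a simplified evaluator for policy.json rule strings, showing that a rule checking only `role:admin` accepts an admin from any domain, while a rule that also matches the target's domain does not. The rule text, credentials and target keys below are constructed samples, and only `rule:`, `role:` and generic `key:value` checks are handled.

```python
import re

# Constructed sample rules in policy.json syntax (not from a real deployment).
UNSCOPED = {"admin_required": "role:admin or is_admin:1",
            "identity:delete_user": "rule:admin_required"}
SCOPED = dict(UNSCOPED, **{"identity:delete_user":
    "rule:admin_required and domain_id:%(target.user.domain_id)s"})

def allowed(rules, action, creds, target):
    """Evaluate a simplified policy rule (and / or / not / parentheses)."""
    toks = re.findall(r"\(|\)|(?:%\([^)]*\)s|[^\s()])+", rules[action])
    pos = 0
    def take():
        nonlocal pos
        pos += 1
        return toks[pos - 1]
    def check(tok):
        kind, _, match = tok.partition(":")
        if kind == "rule":                      # reference to another rule
            return allowed(rules, match, creds, target)
        if kind == "role":                      # role name held by the caller
            return match.lower() in (r.lower() for r in creds["roles"])
        try:                                    # generic check, e.g. domain_id:%(...)s
            return str(creds.get(kind)) == match % target
        except KeyError:                        # target lacks the attribute: deny
            return False
    def atom():
        tok = take()
        if tok == "not":
            return not atom()
        if tok == "(":
            val = expr("or")
            take()                              # consume ")"
            return val
        return check(tok)
    def expr(op):
        # "or" binds loosest, then "and"; every operand is parsed to consume its tokens.
        val = atom() if op == "and" else expr("and")
        while pos < len(toks) and toks[pos] == op:
            take()
            nxt = atom() if op == "and" else expr("and")
            val = (val and nxt) if op == "and" else (val or nxt)
        return val
    return expr("or")

# Constructed caller: holds "admin" in domain A (assumed credential layout).
ADMIN_A = {"roles": ["admin"], "domain_id": "domain-a"}
USER_IN_B = {"target.user.domain_id": "domain-b"}
USER_IN_A = {"target.user.domain_id": "domain-a"}
```

With the unscoped rule the domain A admin is allowed to act on the domain B user; with the scoped rule the same request is denied and only same-domain targets pass.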