Creating an Openstack user with only reboot permissions

asked 2014-05-23 07:22:41 -0500

eandersson gravatar image

What is the best approach for setting up an Openstack user that is limited to only rebooting servers using the Web API.

  • The user needs to be able to access servers under different tenants, by using the instance id for look-up.
  • The user should be limited to rebooting servers.

From my understanding this needs to be done using the (policy.json) file, but I not know what the best approach would be. I also have to keep in mind future needs, like what if we need to create a new user with similar permissions, or modify the existing one to be able to start and stop servers.

The most important aspect of this is to keep it clean, so that it can easily be applied using tools like (puppet) or (chef).

edit retag flag offensive close merge delete