Ask Your Question
0

modify policy for security group on neutron

asked 2015-05-11 03:47:21 -0500

giusy gravatar image

Dear all,

in our openstack cluster, we would restrict the actions that users can do with security group and security group rules.

Here's what we'd like to achieve: 1. Lock down security group (and rules) so that only admin (or tenant admin?) can modify them. 2. Add additional rules to the default security group.

Can you please give me some advices on how to achieve these goals?

Thanks in advance, Giusy

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-05-12 03:25:33 -0500

giusy gravatar image

Hi Antonio, thanks for the reply. We are using neutron, not nova network. So I don't achieve my goals by changing the security groups directives in /etc/nova/policy.json file.

edit flag offensive delete link more
0

answered 2015-05-11 15:32:02 -0500

Usually for this kind of tasks you should modify policy.json file for the specific service. In your case I think you should change security_groups directives in your /etc/nova/policy.json file.

Try reading this for user management and this for nova policy.json

edit flag offensive delete link more

Comments

Hi Antonio, thanks for the reply. We are using neutron, not nova network. So I don't achieve my goals by changing the security groups directives in /etc/nova/policy.json file. Have you any other suggestion? Thanks. Giusy

giusy gravatar imagegiusy ( 2015-05-13 08:09:36 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-05-11 03:47:21 -0500

Seen: 403 times

Last updated: May 12 '15