Ask Your Question
0

create a user role to allow choosing "provider network type" [closed]

asked 2016-09-20 01:30:12 -0500

miggser007 gravatar image

Trying to create a role which allows a user to create networks in "admin-mode" did not work as expected.

I have mitaka running and created: * role: "team-admin" * assigned that role to a user / project * modified neutron policy.json with: "context_is_admin": "role:admin or role:team-admin",

Unfortunately, I'm still not able to create new networks and select a "provider network type".

What did I forgot? I can't find it in the manual(s).

Thanks for a hint.

edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by miggser007
close date 2016-09-30 04:04:38.096039

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-09-30 03:58:32 -0500

miggser007 gravatar image

updated 2016-09-30 04:03:42 -0500

Solved: This was the wrong approach, trying to modify roles.

Goal: I have 4 units with each 3 teams in it. Each team must be able to create instances, and each team must also be able to create instances on a _shared_ net for the respective unit. BUT unit 1 should _not_ see any instance of unit 2 and so on...

The problem: How can I create shared networks within a single unit:

Solution: The use of RBAC: Check the official openstack documentation of release mitaka => Networking-Guide => Config RBAC (http://docs.openstack.org/mitaka/networking-guide/config-rbac.html (http://docs.openstack.org/mitaka/netw...))

With that, it is easy to create a network we like to share with other tenants.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-09-20 01:30:12 -0500

Seen: 59 times

Last updated: Sep 30 '16