Ask Your Question
0

create a user role to allow choosing "provider network type" [closed]

asked 2016-09-20 01:30:12 -0600

miggser007 gravatar image

Trying to create a role which allows a user to create networks in "admin-mode" did not work as expected.

I have mitaka running and created: * role: "team-admin" * assigned that role to a user / project * modified neutron policy.json with: "context_is_admin": "role:admin or role:team-admin",

Unfortunately, I'm still not able to create new networks and select a "provider network type".

What did I forgot? I can't find it in the manual(s).

Thanks for a hint.

edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by miggser007
close date 2016-09-30 04:04:38.096039

add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-09-30 03:58:32 -0600

miggser007 gravatar image

updated 2016-09-30 04:03:42 -0600

Solved: This was the wrong approach, trying to modify roles.

Goal: I have 4 units with each 3 teams in it. Each team must be able to create instances, and each team must also be able to create instances on a _shared_ net for the respective unit. BUT unit 1 should _not_ see any instance of unit 2 and so on...

The problem: How can I create shared networks within a single unit:

Solution: The use of RBAC: Check the official openstack documentation of release mitaka => Networking-Guide => Config RBAC (http://docs.openstack.org/mitaka/networking-guide/config-rbac.html (http://docs.openstack.org/mitaka/netw...))

With that, it is easy to create a network we like to share with other tenants.

edit flag offensive delete link more
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2016-09-20 01:30:12 -0600

Seen: 67 times

Last updated: Sep 30 '16

Related questions

Accidentally deleted the admin role from Openstack

Tenent and User Behavior

Keystone user-role-add : HTTP 409

Multiple Neutron node with external network

How to remote debug neutron?

Mitaka: Connectivity with VM is not stable, What to do?

Can I install open-stack mitaka without PUBLIC IPs???

"cinder" user role list for tenant "service"

TaaS with OpenStack Mitaka

neutron TypeError: Client() takes at least 1 argument (0 given)