Ceilometer

support admin-only api access

Registered by gordon chung on 2013-10-17

the current acl conditions for ceilometer api are as follows: admins can query for any resource, regular users can only query for resources owned by the tenant they belong to.

as ceilometer collects more and more different types of data... some of the data collected may be 'privileged' data that only admins should have access to regardless of membership to a tenant (ie. audit data should only be visible to admins). we need to support this somehow.

Blueprint information

Status:: Complete

Approver:: None

Priority:: Undefined

Drafter:: None

Direction:: Needs approval

Assignee:: Igor Degtiarov

Definition:: Superseded

Series goal:: None

Implementation:: Unknown

Milestone target:: None

Completed by: gordon chung on 2015-07-14

Related branches

Related bugs

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bug/1376915,n,z

Addressed by: https://review.openstack.org/130854
Block non-admin user to get meters

marking superseded as RBAC should be able to control this -- gordc (14.7.15)

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

Anna Sortland

Divya K Konoor

Geoff Arnold

Matthew Edmonds