Events RBAC via Policy

Registered by Matthew Edmonds

OpenStack needs to support granular, customizable Role-Based Access Control (RBAC) for ceilometer events. Policy should be dependent on policy.json rather than simply hard-coded.

Blueprint information

Status:
Complete
Approver:
gordon chung
Priority:
Medium
Drafter:
Matthew Edmonds
Direction:
Approved
Assignee:
Divya K Konoor
Definition:
Approved
Series goal:
Accepted for liberty
Implementation:
Implemented
Milestone target:
milestone icon 5.0.0
Started by
gordon chung
Completed by
gordon chung

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/events-rbac,n,z

Addressed by: https://review.openstack.org/211494
    Control Events RBAC from policy.json

Addressed by: https://review.openstack.org/211509
    Add user_id,project_id traits to audit events

Addressed by: https://review.openstack.org/212534
    Events RBAC needs scoped token

Addressed by: https://review.openstack.org/212557
    Events RBAC needs scoped token

Addressed by: https://review.openstack.org/217844
    WIP Event filtering for non-admin users

Gerrit topic: https://review.openstack.org/#q,topic:events-rbac,n,z

Addressed by: https://review.openstack.org/218706
    WIP restrict admin event access

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.