Make Cinder Consistent and Secure RBAC Ready

Registered by Brian Rosmaita

Revise Cinder's policy definitions to support the community-wide Consistent and Secure RBAC effort.

In Yoga:
- make Cinder recognize system scope
- modify the system-admin persona to be recognized by having admin role on a system
- add the system-reader persona
- add the project-admin persona

There will also have to be adjustments made to the API and cinderclient to handle the project_id-in-the-URL issue. This is that users with system scope are not required to be in a project, so there's no project_id for them to include in the URL, and any keystone templating that requires a project_id in the URL won't include a cinder URL for them in their service catalog.

Blueprint information

Status:
Not started
Approver:
None
Priority:
High
Drafter:
Brian Rosmaita
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
Accepted for yoga
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.