Creating a policy sample containing cloud_admin, project_admin and project_member roles

Registered by Raildo Mascena de Sousa Filho on 2014-07-02

I was reading about how roles are defined in the policy of each service. Then I noticed that in Glance, tthere is policy.conf but not a policy sample about which roles must exist and their permissions, which complicates the organization of a cloud, especially for those just starting to use OpenStack.
So, the ideia is create a policy_sample.json, where was defined roles as a project_admin, cloud_admin and project_member and determine their permissions, making policy Glance closer to the business reality.

Blueprint information

Status:
Started
Approver:
None
Priority:
Undefined
Drafter:
Raildo Mascena de Sousa Filho
Direction:
Needs approval
Assignee:
Raildo Mascena de Sousa Filho
Definition:
New
Series goal:
None
Implementation:
Beta Available
Milestone target:
None
Started by
Raildo Mascena de Sousa Filho on 2014-07-21

Related branches

Sprints

Whiteboard

You should not set a milestone target unless the blueprint has been properly prioritized by the project drivers.
(This is an automated message)

Gerrit topic: https://review.openstack.org/#q,topic:bp/policy-sample,n,z

Addressed by: https://review.openstack.org/123216
        Creating a policy sample

Please submit a spec for this blueprint to glance-specs repo. The documentation is included in the repo README.rst. https://github.com/openstack/glance-specs/blob/master/README.rst - Erno

[Dave Chen] Hi Raildo Mascena de Sousa Filho, "cloud_admin", "project_admin", "project_member" is a good idea, I suggest to extent these roles to include read only admin role, just thought it would be different with project_member and current admin role, here is the link,
https://blueprints.launchpad.net/keystone/+spec/admin-readonly-role.
Maybe some united work would be done on this.

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.