OpenStack Identity (keystone)

Role Check from Keystonemiddleware

Registered by Adam Young on 2016-10-29

Role Based Access Control requires administration of both the roles assigned
to users and the rules that determine what role can perform what action. To
date, OpenStack has made role assignment fairly easy to use, but modification
of policy files has been manual, decentralized, and inconsistent.

Read the full specification

Blueprint information

Status:: Complete

Approver:: Steve Martinelli

Priority:: Medium

Drafter:: Adam Young

Direction:: Approved

Assignee:: Adam Young

Definition:: Obsolete

Series goal:: None

Implementation:: Good progress

Milestone target:: None

Started by: Steve Martinelli on 2016-12-31

Completed by: Colleen Murphy on 2019-02-13

Related branches

Related bugs

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:token-verify-role-check,n,z

Addressed by: https://review.openstack.org/391624
Token Verify Role Check

Gerrit topic: https://review.openstack.org/#q,topic:bp/token-verify-role-check,n,z

Addressed by: https://review.openstack.org/401808
URL pattern based RBAC Management Interface

Gerrit topic: https://review.openstack.org/#q,topic:bp/role-check-from-middleware,n,z

Addressed by: https://review.openstack.org/456692
Expand the route tables to include a body key

Addressed by: https://review.openstack.org/458047
Route based RBAC Management Bulk API

Rejected in https://review.openstack.org/523210

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

Adam Dorenter

Nobuto Murata