Implement neutron RBAC commands
Implement neutron RBAC commands
neutronclient has the following RBAC commands that need to be implemented in openstackclient
- rbac-create
- rbac-delete
- rbac-list
- rbac-show
- rbac-update (OSC may need both set and unset commands)
Blueprint information
- Status:
- Complete
- Approver:
- Richard Theis
- Priority:
- Medium
- Drafter:
- Richard Theis
- Direction:
- Approved
- Assignee:
- ting.wang
- Definition:
- Approved
- Series goal:
- None
- Implementation:
- Implemented
- Milestone target:
- None
- Started by
- Richard Theis
- Completed by
- Richard Theis
Related branches
Related bugs
Sprints
Whiteboard
08/10/2016 (rtheis): I think this work is completed. If not complete, please update the blueprint description with the remaining work.
According to NeutronClient, rbac command only support update the target_tenant of a rbac policy object. So, maybe it don't necessary to need unset command in OSC.
This part aims to explain how I plan to implement command 'openstack rbac list' and 'openstack rbac show'[1]
$neutron rbac-list
+------
| id | object_type | object_id |
+------
| 374f5ea8-
| f1af9230-
+------
In neutronclient, there are not any optional arguments in command 'rbac-list' although the response looks like this:
RESP BODY: {"rbac_policies": [{"target_tenant": "*", "tenant_id": "82c2afcd955e4b
The other arguments like "target_tenant" will be displayed when we execute command "neutron rbac show ***".
Similarly, executing command "openstack rbac list" will return result like this:
$ openstack rbac list
+------
| ID | Object_type | Object_id |
+------
| 374f5ea8-
| f1af9230-
+------
and no optional arguments supplied.
And executing command 'openstack rbac show' will output the other information.
$ openstack rbac show 374f5ea8-
+------
| Field | Value |
+------
| action | access_as_external |
| id | 374f5ea8-
| object_id | a6511829-
| object_type | network |
| project_id | 82c2afcd955e4b2
| target_tenant | * |
+------
ref:
[1]about rbac in neutron:
https:/
Gerrit topic: https:/
Addressed by: https:/
Implement rbac list and show command
Addressed by: https:/
Implement network rbac create and delete commands
Addressed by: https:/
Implement "network rbac set" command