OpenStack Searchlight

RBAC for sharing networks within a group of tenants

Registered by Lakshmi N Sampath

RBAC for sharing networks across a group of networks needs to be added.
First it needs to be added to the network plugin to store the information on network document on all the tenant id's which can access the network.
See the spec.
https://specs.openstack.org/openstack/neutron-specs/specs/liberty/rbac-networks.html
You could create new rbac policy using
neutron rbac-create --type network --target-tenant <tenant_id> --action access_as_shared <network_id>
neutron rbac-list
neutron rbac-show <rbac_policy_id>
I found this url to be very useful for rbac commands. https://developer.rackspace.com/blog/A-First-Look-at-RBAC-in-the-Liberty-Release-of-Neutron/

Blueprint information

Status:
Complete
Approver:
None
Priority:
Medium
Drafter:
Lakshmi N Sampath
Direction:
Approved
Assignee:
Rick Aulino
Definition:
Approved
Series goal:
Accepted for newton
Implementation:
Implemented
Milestone target:
milestone icon newton-rc2
Started by
Travis Tripp
Completed by
Travis Tripp

Related branches

Sprints

Whiteboard

[TravT] Please see: policy-driven-rbac https://blueprints.launchpad.net/searchlight We need to reconcile the two

Gerrit topic: https://review.openstack.org/#q,topic:bp/neutron-tenant-rbac,n,z

Addressed by: https://review.openstack.org/348701
    RBAC for network sharing

Addressed by: https://review.openstack.org/377799
    RBAC for network sharing

(?)

Work Items

Nearby

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.