Bug 905931

Summary: RFE : keystone should include predefined roles like network-admin, network-operator , tenant-admin , storage-admin ...
Product: Red Hat OpenStack Reporter: Ofer Blaut <oblaut>
Component: openstack-keystoneAssignee: Adam Young <ayoung>
Status: CLOSED WONTFIX QA Contact: Ami Jeain <ajeain>
Severity: low Docs Contact:
Priority: low    
Version: 2.0 (Folsom)CC: ayoung, dpal, jlennox, nkinder, sgordon, yeylon
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-22 20:22:08 EDT Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Ofer Blaut 2013-01-30 08:58:30 EST
Description of problem:

IMHO keystone should include predefined roles like network-admin, network-viewer ,network-operator , tenant-admin , storage-admin , storage-operator ....

These predefined role can secure and ease operation of tenants 

currently default role is admin .

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 3 Jamie Lennox 2015-03-22 20:22:08 EDT
This won't happen upstream. It is not considered keystone's job to dictate how deployments set up their roles. It is also non-trivial to provide this information by packaging as roles are stored in the database rather than config files which is not under the packages control. 

I think this deployment decisions like this should remain the domain of installers.