Bug 1334365

Summary: [RFE] Domain Specific Roles
Product: Red Hat OpenStack Reporter: Maxime Payant-Chartier <mpayantc>
Component: openstack-keystoneAssignee: John Dennis <jdennis>
Status: CLOSED ERRATA QA Contact: Rodrigo Duarte <rduartes>
Severity: high Docs Contact:
Priority: low    
Version: 9.0 (Mitaka)CC: acanan, ayoung, jdennis, jdonohue, kbasil, mburns, nkinder, nlevinki, rcritten, sclewis, srevivo
Target Milestone: Upstream M3Keywords: FutureFeature, Triaged
Target Release: 11.0 (Ocata)   
Hardware: Unspecified   
OS: Unspecified   
URL: https://blueprints.launchpad.net/keystone/+spec/domain-specific-roles
Whiteboard: upstream_milestone_mitaka-3 upstream_definition_approved upstream_status_implemented
Fixed In Version: openstack-keystone-11.0.0-0.20170114233131.d6410bf.el7ost Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-05-17 19:29:41 UTC Type: Feature Request
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 1336839, 1421551    

Description Maxime Payant-Chartier 2016-05-09 12:43:49 UTC
Cloned from launchpad blueprint: https://blueprints.launchpad.net/keystone/+spec/domain-specific-roles

Support the concept of domain specific roles that allows a domain administrators to better model the role usage, and map a role name that is meaningful to them onto global roles that are referenced in policy files.

Comment 4 Adam Young 2016-08-12 15:01:11 UTC
So the OSP9 support in Keystone is there.  What is missing is the CLI support.  It was supposed to be done this release, but other priorities have bumped it.  DOmains specific roles can be managed only via Curl or the Python API.

Comment 10 errata-xmlrpc 2017-05-17 19:29:41 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1245