1323208 – [RFE] Documentation on utilizing Role Base Access Control for Active Directory users for managing Multi-tenancy

Bug 1323208 - [RFE] Documentation on utilizing Role Base Access Control for Active Directory users for managing Multi-tenancy

Summary: [RFE] Documentation on utilizing Role Base Access Control for Active Director...

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	documentation
Sub Component:
Version:	8.0 (Liberty)
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	8.0 (Liberty)
Assignee:	RHOS Documentation Team
QA Contact:	RHOS Documentation Team
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-04-01 14:24 UTC by Sachin
Modified:	2019-10-10 11:45 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-03-19 17:10:42 UTC
Target Upstream Version:
Flags:	sacpatil: internal-review+ sacpatil: needinfo+

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Launchpad	1567446	0	None	None	None	2016-04-07 13:12:25 UTC

Description Sachin 2016-04-01 14:24:47 UTC

Description of problem:

One of our customer wants to configure RBAC for Active-Directory users accessing OpenStack dashboard to manage resources like instance & template creation, and multi-tenancy access etc. I have already provided following links:

1. https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/7/users-and-identity-management-guide/chapter-1-user-and-role-management

2. https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/7/users-and-identity-management-guide/chapter-3-identity-management#active-directory-integration

But seems like they want exclusive documentation on RBAC + AD + Multi-tenancy.



Version-Release number of selected component (if applicable):



How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 2 Martin Lopes 2016-04-07 04:58:40 UTC

Reviewing...

Comment 3 Sachin 2016-04-07 04:59:26 UTC

Customer also posted a use case which is simple hierarchical multi-tenancy:

"After creating a new project and allocating some amount of resources, we should be able to create a hierarchy of users like Project Manager (PM) having complete view of the project usage, then PM should be able to allocate resources to different sub-teams (like Dev, QA, Prod, etc), each sub-team leads having access to their allocated resources and able to manage the resources at their level with approval from the PM. All the users will be AD authenticated ones."

Comment 4 Sachin 2016-04-07 10:53:23 UTC

As the customer need assistance on implementation, I have redirected him to the consulting team.I think the document will be too specific to customer needs. 

If documentation team still wants to work on this, feel free to re-open this RFE.

Comment 6 Martin Lopes 2016-04-08 01:51:19 UTC

Re-opening RFE to document this use case, once this has been implemented:

https://bugs.launchpad.net/keystone/+bug/1567446

Note You need to log in before you can comment on or make changes to this bug.