Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1326390

Summary: [RFE] Implement Secure RBAC Project Scoped Personas within nova, placement
Product: Red Hat OpenStack Reporter: Jaison Raju <jraju>
Component: openstack-novaAssignee: Stephen Finucane <stephenfin>
Status: CLOSED ERRATA QA Contact: OSP DFG:Compute <osp-dfg-compute>
Severity: medium Docs Contact:
Priority: low    
Version: 7.0 (Kilo)CC: akaris, alee, alifshit, broose, cylopez, dasmith, djuran, egallen, eglynn, igarciam, jgrosso, jhakimra, jparker, jpretori, jraju, jschluet, kchamart, mariel, mburns, molasaga, morazi, mzheng, nkinder, nsatsia, pgrist, pveiga, ramishra, sbauza, scohen, sgordon, smooney, spower, srevivo, stephenfin, vromanso
Target Milestone: gaKeywords: FutureFeature, Patch, TechPreview, Triaged
Target Release: 17.1   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openstack-nova-23.2.1-0.20220428212241.327693a.el9ost Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
: 1899906 (view as bug list) Environment:
Last Closed: 2023-08-16 01:09:22 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version: Wallaby
Embargoed:
Bug Depends On: 1228474, 1801416    
Bug Blocks: 1381612    

Description Jaison Raju 2016-04-12 15:00:33 UTC 
1. Proposed title of this feature request  
Need nova policy to be configured to include a read-only role .
  
3. What is the nature and description of the request?  
Customer has requirement of read-only admin role for all core services .

4. Why does the customer need this? (List the business requirements here)  
  A read-only admin user is necessary for customer environment .
  
Additional info:
The following bug is raised for keystone to add role .
This role can be configured in policy file .
Bug 1228474 - [RFE] Read only role for tenant access (edit)
Comment 2 Jaison Raju 2016-04-12 15:03:13 UTC 
https://blueprints.launchpad.net/keystone/+spec/admin-readonly-role
Comment 4 Stephen Gordon 2016-05-06 14:32:32 UTC 
Moving to rhos-11?/Ocata for now - this is a long term goal but the ultimate solution is unlikely to be backportable to earlier releases.
Comment 14 Stephen Finucane 2020-12-01 16:47:19 UTC 
*** Bug 1899906 has been marked as a duplicate of this bug. ***
Comment 16 Stephen Finucane 2021-02-10 16:06:20 UTC 
The placement patches have merged now
Comment 17 Stephen Finucane 2021-03-30 14:49:38 UTC 
*** Bug 1663544 has been marked as a duplicate of this bug. ***
Comment 46 errata-xmlrpc 2023-08-16 01:09:22 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Release of components for Red Hat OpenStack Platform 17.1 (Wallaby)), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2023:4577