Hide Forgot
Description of problem: Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. As the summary states , there are three zone roles , zone creator, zone admin and zone global user 2. Zone global user and zone creator can't see images launched by admin where as zone admin can . 3. AS the role name suggests it is zone admin then what difference does it make for viewing admin images. It should be same for all admin roles. Actual results: Expected results: Additional info: rpm -qa|grep aeolus aeolus-conductor-0.8.0-36.el6.noarch rubygem-aeolus-cli-0.3.0-10.el6.noarch aeolus-conductor-daemons-0.8.0-36.el6.noarch aeolus-configure-2.5.0-15.el6.noarch rubygem-aeolus-image-0.3.0-10.el6.noarch aeolus-all-0.8.0-36.el6.noarch aeolus-conductor-doc-0.8.0-36.el6.noarch
I think this is correct as stated. 'Zone Global User' isn't an admin role -- it's a role that lest a user access _any_ zone as a regular user (not sure how useful this role will be in practice, we added it before we had per-zone permissions UI). 'Zone Creator' just lets users create zones -- it really doesn't impart any rights to access any particular zones. Again now that we've created full Cloud/environment roles I don't know that we really need a global 'zone creator' role anymore, but it exists for now. 'Zone Administrator' is a true admin role -- it allows access to anything on the "front end" -- i.e. clouds, zones, instances, images etc. It does not impart provider, provider account, etc privileges. I think this is NOTABUG
ack