RBAC "Access_as_external" multiple IDs in target_tenant
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Invalid
|
Undecided
|
Unassigned |
Bug Description
On an admin tenant, with an admin user, I created an external network. This automatically creates and "access_
I deleted this RBAC policy and manually create a new one with two tenants IDs in the "target_tenant field".
$ openstack project list
+------
| ID | Name |
+------
| 1cdeee0a38b9438
| 8d3f62906c3949e
| a654338c862f401
| b0dc258dd3204bf
+------
$ neutron rbac-create admin-ext --action access_as_external --target-tenant a654338c862f401
Created a new rbac_policy:
+------
| Field | Value |
+------
| action | access_as_external |
| id | 3fc0bc16-
| object_id | 1f2405cd-
| object_type | network |
| target_tenant | a654338c862f401
| tenant_id | a654338c862f401
+------
$ . keystonerc_tenantA
$ neutron net-list
$
Reproduction:
1. create external network.
2. delete its "access_
3. Create a new rbac policy :
neutron rbac-create EXT_NET_ID --action access_as_external --target-tenant TENANT_
Version:
Mitaka on thel 7.2
$rpm -qa | grep neutron
python-
openstack-
openstack-
python-
python-
openstack-
openstack-
openstack-
packstack installation
All In One
description: | updated |
The appropriate way to create policies for multiple tenants is to create multiple policies.
neutron rbac-create admin-ext --action access_as_external --target-tenant a654338c862f401 a8665c3fbed289a 75 --type network
neutron rbac-create admin-ext --action access_as_external --target-tenant b0dc258dd3204bf 99750589d1ed239 96 --type network