RBAC -access_as_external lack of flexibility
Bug #1581929 reported by
Alex Stafeyev
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
Expired
|
Undecided
|
Unassigned | ||
Bug Description
If we have an external network, with default rbac policy, and even 1 tenant is using this network, we can not delete the default rbac policy in order to decide to which tenants this network will be exposed.
In this situation the network will be exposed to all tenants unless the admin first disconnects ( clears the network ports from all tenants - Router gw/Vms usage, etc ) the using tenant and then makes the needed changes.
In a situation with many tenants this will be non user friendly.
MITAKA.
Revision history for this message
| Kevin Benton (kevinbenton) wrote | #1 |
| Changed in neutron: | |
| status: | New → Incomplete |
| description: | updated |
Revision history for this message
| Alex Stafeyev (astafeye) wrote | #2 |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #3 |
| Changed in neutron: | |
| status: | Incomplete → Expired |
Revision history for this message
| Kevin Benton (kevinbenton) wrote | #4 |
To post a comment you must log in.
You should be able to grant access to the specific tenant that is using the network and then remove the wildcard policy.