RBAC -access_as_external lack of flexibility
Bug #1581929 reported by
Alex Stafeyev
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Expired
|
Undecided
|
Unassigned |
Bug Description
If we have an external network, with default rbac policy, and even 1 tenant is using this network, we can not delete the default rbac policy in order to decide to which tenants this network will be exposed.
In this situation the network will be exposed to all tenants unless the admin first disconnects ( clears the network ports from all tenants - Router gw/Vms usage, etc ) the using tenant and then makes the needed changes.
In a situation with many tenants this will be non user friendly.
MITAKA.
description: | updated |
To post a comment you must log in.
You should be able to grant access to the specific tenant that is using the network and then remove the wildcard policy.