Lack rights for regular user: unability to create ec2 credentials

Bug #1675377 reported by Andriy Kurilin
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
High
David Stanek

Bug Description

As a regular OpenStack user, I was able to create ec2 credentials without "admin" rights. It was possible before merging one of the recent changes (Presumably, this one - [0]). Now, I'm getting an error "You are not authorized to perform the requested action: identity:ec2_create_credential."[1]

[0] - https://github.com/openstack/keystone/commit/e2949253176b6bf7f9e3ef1ac2793e4abd6382ca
[1] - http://logs.openstack.org/75/429175/16/check/gate-rally-dsvm-rally-ubuntu-xenial/16674c1/rally-plot/results.html.gz#/KeystoneBasic.create_and_delete_ec2credential/failures

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/449161

Changed in keystone:
assignee: nobody → David Stanek (dstanek)
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/449161
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=72216757991a2120bb81e0003496eee908373b0c
Submitter: Jenkins
Branch: master

commit 72216757991a2120bb81e0003496eee908373b0c
Author: David Stanek <email address hidden>
Date: Thu Mar 23 13:50:40 2017 +0000

    Set the correct in-code policy for ec2 operations

    In I8bd0fa342cdfee00acd3c7a33f7232fe0a87e23f we moved some of the policy
    defaults into code. Some of the policy were accidentally changed.

    Change-Id: Ib744317025d928c7397ab00dc706172592a9abaf
    Closes-Bug: #1675377

Changed in keystone:
status: In Progress → Fix Released
Changed in keystone:
milestone: none → pike-1
importance: Undecided → High
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystone 12.0.0.0b1

This issue was fixed in the openstack/keystone 12.0.0.0b1 development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.