quota set command doesn't work for a user with admin role on domain
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Neutron API Charm |
New
|
Undecided
|
Unassigned |
Bug Description
By default, only project admin is allowed to update quota, I tried to override neutron-api policy to allow a user with admin role on domain to set quota for network but it doesn't work. I am not sure if this is keystone bug or neutron-api bug
>> neutron-api override policy
"admin_required": "role:admin",
"admin_
"get_quota": "rule: admin_and_
"update_quota": "rule: admin_and_
"delete_quota": "rule: admin_and_
>>'openstack quota set' returned error:
$ openstack quota set --floating-ips 51 1508ac11c7bb413
HttpException: 403: Client Error for url: https:/
>>user role assignment
$ openstack role assignment list --names --user test-user
+------
| Role | User | Group | Project | Domain | System | Inherited |
+------
| member | test-user@
| Admin | test-user@
+------