OpenStack Designate Charm

  1. Bug #1808590
  2. Comment #1

Comment 1 for bug 1808590

Revision history for this message
David Ames (thedac) wrote : Re: Designate does not allow a zone to be shared across domains

We will need to check policy.json with users in two different domains:

Create auth_v3_token_admin.json based on https://github.com/openstack/oslo.policy/blob/master/sample_data/auth_v3_token_admin.json.

Generate the policy file from defaults in code:
oslopolicy-policy-generator --config-dir /etc/designate/ --output-file policy.json --namespace designate
Check what passes and what does not.
oslopolicy-checker --access ./auth_v3_token_admin.json --policy ./policy.json