Comment 1 for bug 1780424

Revision history for this message
ram yadav (ryadav) wrote :

Edouard,
I’m not very clear on the discussion here but let me summarize my understating:
1. perm2.owner field is set in the API server when RBAC is enabled. And API server uses keystone credentials for the same.I’m hoping HTTP_X_PROJECT_ID request is used with reference to keystone request.
2. Since keystone equivalent is not supported in vCenter we don’t have RBAC support for vCenter ( same I hope for kubernetes, but will let someone from kubernetes team confirm it.)
3. Since perms2.owner is not set via vCenter plugin, it defaults to ‘cloud-admin’ since RBAC is not enabled and hence API server cannot use keystone to get the perm2.owner.

Given above understanding are you asking vCenter plugin to set the perm2.owner field for VM’s created? Is it possible to set it internally in the API server, instead of each plugin setting it?

Thanks,
Ram