OpenStack Identity (keystone)

RFE: Resource Options Implemented for all Resource Types

Bug #1807751 reported by Morgan Fainberg
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
In Progress
Wishlist
Unassigned

Bug Description

Resource Options have been built for Users (used for PCI-DSS work). The functionality needs to be expanded to all resource types (projects, domains, roles, etc) for future looking work. The future looking work will include things such as default MFA Rules, restrictions on origin for logging into a given user, user scoped to a domain, user scoped to a project, user scoped to system, etc.

It has been a desire to have the same mechanism(s) for the resource options to be available outside of just users. This bug is meant to track that work.

Morgan Fainberg (mdrnstm)
Changed in keystone:
status: New → Triaged
importance: Undecided → Wishlist
assignee: nobody → Morgan Fainberg (mdrnstm)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone-specs (master)

Fix proposed to branch: master
Review: https://review.openstack.org/624162

Changed in keystone:
status: Triaged → In Progress
OpenStack Infra (hudson-openstack)
Changed in keystone:
assignee: Morgan Fainberg (mdrnstm) → Colleen Murphy (krinkle)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone-specs (master)

Reviewed: https://review.opendev.org/624162
Committed: https://git.openstack.org/cgit/openstack/keystone-specs/commit/?id=2d0de7cccd172c6c70349851b0ca50ada8dd5c79
Submitter: Zuul
Branch: master

commit 2d0de7cccd172c6c70349851b0ca50ada8dd5c79
Author: Morgan Fainberg <email address hidden>
Date: Mon Dec 10 10:45:46 2018 -0800

    Add resource-options-for-all specification

    Specification defining the addition of resource options for all
    resources within Keystone isntead of just users.

    Change-Id: I6228e503f908b4bc82aa55b908995314e3e6adf7
    partial-bug: 1807751

Morgan Fainberg (mdrnstm)
summary: - Resource Options Implemented for all Resource Types
+ RFE: Resource Options Implemented for all Resource Types
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.opendev.org/678322

Changed in keystone:
assignee: Colleen Murphy (krinkle) → Morgan Fainberg (mdrnstm)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.opendev.org/678322
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=b31ff3f991d16968db65373f3096c8cacb84219b
Submitter: Zuul
Branch: master

commit b31ff3f991d16968db65373f3096c8cacb84219b
Author: morgan fainberg <email address hidden>
Date: Fri Aug 23 12:01:57 2019 -0700

    Implement resource options for roles and projects

    Add in support for resource options for roles and projects (including
    domains). No options are currently implemented for roles or projects.
    Scaffolding has been implemented so that adding options should be
    straight forward. This will allow for implementing options such
    as an immutable flag.

    As a mechanism to isolate SQL Models from the Driver implementation
    especially when adding in complexity of the resource options, the
    models for the Resource backend and the Role Backend (SQL) have been
    move to their own module.

    Partial-Bug: #1807751
    Depends-On: https://review.opendev.org/678379
    Required-By: https://review.opendev.org/678380
    Change-Id: I456a7c19506d28d5846534f884b8abe0d3079c96

Morgan Fainberg (mdrnstm)
Changed in keystone:
assignee: Morgan Fainberg (mdrnstm) → nobody
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.