default role documentation: who can assign roles?
Bug #1924790 reported by
Andrew Bogott
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Expired
|
Wishlist
|
Unassigned |
Bug Description
I'm hoping that my cloud will soon be able to adopt the new default scoped role model documented at
https:/
That document is good about detailing which roles can read and view existing role assignments, but I can't tell which users can or can't assign new roles. For example, if I give a user the admin role in a project, can that user add additional users to that project?
To post a comment you must log in.
Are you looking to get that information for every API? It has been discussed in the past. It needs a serious spec.