neutron

  1. Bug #1833455
  2. Comment #13

Comment 13 for bug 1833455

Revision history for this message
Krzysztof Pawlowski (krzysztof.pawlowski) wrote :

It's not working on rocky and stein release because default policy contains:

    "create_port:fixed_ips:ip_address": "rule:context_is_advsvc or rule:admin_or_network_owner",
    "update_port:fixed_ips:ip_address": "rule:context_is_advsvc or rule:admin_or_network_owner",

But it should be

    "create_port:fixed_ips:ip_address": "rule:context_is_advsvc or rule:admin_or_network_owner or rule:shared",
    "update_port:fixed_ips:ip_address": "rule:context_is_advsvc or rule:admin_or_network_owner or rule:shared",

The same bug exists in the stein, train and ussuri release with policy in the code.