Hello Team ,
Could you please help me to isolate projects or tenants from each other.
> we have different admin users for each project and we want to isolate the admin user visibility in to other projects and settings.
> i tried to create projects and allocated admin role for user , but this way admin user will be able to see other project settings.
Can you help
Seem you are new to Openstack
There is only tow default roles installed after a VIO Deployment.
"_Members_ " This role is for users that want to use the IaaS Platform.
"Admin" = This role is for the Platform admin... so don't use it to give permission to users
The strategy i use is to create group and link the group to a role.
Group can be used to assign access to a project.
If you need to create specific roles, or modify existing ones, you have to edit the Policy.json files for each services (nova, neutron etc...)
Ps : I actually don't found the need to create a different role that the default "member" for the users that access the IaaS.
What is you need ?
For VIO we do not recommend manually editing the policy json files. You would be on your own. Support would have you remove those and reproduce issues before investigating.