Re: Roles (read & write) in VIO

AMINEat · ‎03-28-2017

Hello,

I don't find how to create role who can just view instance for exemple !!

someone can help and show how to create role in VIO ????

Thanks

zlao · ‎03-30-2017

Hi,

You may create any role with keystone

but you may need to customize access policy (policy.json file) for nova

if you want to different permissions to take effect on these roles.

Regards,

Zhongcheng

AMINEat · ‎04-04-2017

Hi,

Thank you for your answer

i need syntaxe for customize access in policy.json nova if you help me !!! i try everything but nothing work

Thank's

zlao · ‎04-10-2017

After creating a new role (openstack role create...),

You may create a new rule in the policy.json

"XXX_role_required": "role:XXX",

then

for each action that you want to define ACL

specify the rule to apply

"ACTION_NAME": "rule:XXX_role_required",

You may refer to the default policy.json for ACTION_NAME.

You will also need to restart the service after the changes.

Regards,

Zhongcheng

AMINEat · ‎04-19-2017

Hi,

I did it in policy.json in nova but i have the same problem, nothing work !

Roles (read & write) in VIO