Unable to remove aws key as normal user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
Steven Hardy | ||
Havana |
Fix Released
|
Medium
|
wanghong |
Bug Description
In devstack as normal user I'm able to create a bunch of AWS key pair. But I'm unable to delete those AWS key pair
as normal user. Below are the commands :
fabien@
fabien@
+------
| Property | Value |
+------
| access | 11fcd9628779482
| secret | 4c7aa22f89ba49c
| tenant_id | 53f4610540fd4be
| user_id | 970acc126501440
+------
fabien@
+------
| Property | Value |
+------
| access | 11fcd9628779482
| secret | 4c7aa22f89ba49c
| tenant_id | 53f4610540fd4be
| user_id | 970acc126501440
+------
fabien@
Unable to delete credential: Could not find credential, 11fcd9628779482
As admin user the deletion work as expected:
fabien@
fabien@
fabien@
Credential has been deleted.
Is this the normal behavior ?
tags: | added: havana-backport-potential |
Changed in keystone: | |
milestone: | none → icehouse-1 |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
importance: | Undecided → Medium |
tags: | removed: havana-backport-potential |
Changed in keystone: | |
milestone: | icehouse-1 → 2014.1 |
Confirmed, this is because the non-admin code path is using the non-hashed access ID for the DB lookup:
https:/ /github. com/openstack/ keystone/ blob/master/ keystone/ contrib/ ec2/controllers .py#L268