ha routers can only be created by admins
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Neutron API Charm |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
With the default policy.json, it's only possible for openstack admin users to create ha routers.
It would be useful to have this configurable, so we can also choose of the option to let an regular user create ha-routers, just as a regular user can create a non ha router already.
The relevant piece in policy.json
"get_
"create_
"create_
"create_
"create_
"get_router": "rule:admin_
"get_
"update_
"update_
"update_
"delete_
tags: | added: bootstack-is |
tags: |
added: canonical-is-bootstack removed: bootstack-is |
tags: |
added: canonical-bootstack removed: canonical-is-bootstack |
Changed in charm-neutron-api: | |
status: | Opinion → Triaged |
tags: | added: custom-policy |
Looks to be a reasonable ask. An operator should be able to choose whether regular users can create ha routers.
I think we currently only refer to the policy.json installed from the package, the charm does not touch that file. I'm going to ask team whether it's something we could provide or if it's expected to have operator updating the file by itself.