Modify Cinder admin access user policy
Issue
- Cinder policy file does not support user id syntax
- Can we specify the user_id of the admin account in
/etc/cinder/policy.json
so that cinder honors this syntax? - If policy syntax left as:
"context_is_admin": "role:admin"
, then any user who is a project admin can view all volumes from any other user, which may not be desirable in all deployments. Would rather use:"context_is_admin": "user_id:ID-OF-ADMIN-ACCOUNT"
or similar, that will support specifying the super-admin account only to have access to every volume.
Environment
- Red Hat Enterprise Linux OpenStack Platform 6.0
- Red Hat Enterprise Linux OpenStack Platform 5.0
- Red Hat Enterprise Linux OpenStack Platform 4.0
- Red Hat Enterprise Linux OpenStack Platform 3.0
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.