On Wed, Mar 27, 2013 at 03:39:25PM +0000, Murali Reddy wrote: > On 27/03/13 8:04 PM, "Chip Childers" <chip.child...@sungard.com> wrote: > > > > >Murali Reddy - > > CLOUDSTACK-1673 AWS Regions - Events - User disable event does not > >include the UUID of the user that was disabled. > > > > Murali, you mentioned that you were working on a fix for this. You > > happened to note that you would have it by the 20th. Having any luck? > > > Sorry on the delay. Though I have fix ready, I can not fully test it > because most of the events are not generated due to bug CLOUDSTACK-1664. > Moreover I do not think its critical bug. I have left below comment in the > bug and marked as major. I can fix this bug if required only after fix for > CLOUDSTACK-1664 is checked-in. > > "Do not think its critical issue in the context of Regions. While syncing > account/user/domain information across the regions using event bus is just > one implementation option. User provisioning system's like portals can > directly create account/user/domains across regions with out need of event > bus. > > Even if one uses event bus, there are other implementation options with > which once achieve this. For eg, when User/Account/Domain create event > occurs, consumers can query list of account/domain/accounts details in the > region which generated the event and figure the details of new object > created." >
Thanks for the reply. Assuming that Kelvin's patch for 1664 is actually in the set of fixes I already applied to 4.1, does that mean that you can test and resolve 1673 now? I see your point about this not being the only implementation model for regions, but it is the one that's being included as the reference approach for 4.1. Not syncing a disable event sounds like a potential security hole. Unless anyone objects, and based on the logic above, I'd still consider 1673 as a critical fix for 4.1. -chip
