Hello all, We have an established OpenStack cloud and as part of a round of security hardening would like to add some additional restrictions on the use of "admin" permissions.
In particular, we would like to limit it so that API endpoints requiring admin access can only be used from a VPN (known range of source IP addresses). We do not want the public-facing APIs to expose these endpoints, even to users with the right credentials. Has anyone already been through a similar process and have a method or advice for us to follow? Cheers, Tim _______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
