Hi openstacker working on congress. I want to implement the authorization mechanisms for each user, not role base. For example, User A can change security group, But User B can’t change security group like IAM feature of AWS.
In order to achieve it, I’m considering whether can I utilize Congress feature. I am thinking somehow that I can achieve it by following step. 1. create policy for each user with datalog in congress 2. prepare the wsgi filter for each project that works confirming authorization of each user to Congress. I think this use-case is very popular and there is someone who think same thing. But There is no information about it in any website (blog, presentation in summit). So why is there anyone who achieve it? or does this approach have anxious point? If you are interested in this approach or think same thing, I want to know it. Best regards Yuki Nishiwaki NTT Communitions Technology development Cloud Core Technology Unit
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
