Hi Joe/Dolph,
I have a few questions on the v3 API's create_user (sorry the comments section
in the Google docs is getting pretty cluttered now):
(POST) /users ==> create_user
{
" tenant_id": ...
"name": ...
"password": ...
"enabled": ...
"email": ...
"description": ...
}
1. Does this tenant_id option establish the default tenancy of the
created user?
2. If it does, is this default tenancy immutable or mutable? If it is
mutable, who (what role) can change it and via what API?
3. What is the intended purpose of a user's default tenancy? Is the
default tenancy association intended to link a user to a given domain (rather
than the normal user-tenant role association)?
The reason I am asking this is that I would like to know what level of
isolation (if any) we can establish for users that are homed to different
domains... So, for example, an isolation would be that a user A with a default
tenancy in domain X may not be modified or deleted by a domain-admin in domain
Y, even when user A has tenant membership in domain Y.
Thanks,
Liem
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
