With regard to keystone, the current policy implementation is entirely binary in that a role may either have total control over keystone or none. The implementation in Grizzly is much more granular.
-Dolph On Wed, Oct 31, 2012 at 2:35 PM, Guillermo Alvarado < guillermoalvarad...@gmail.com> wrote: > Hi everyboy, > > I want to create a new role, named "another-admin", so this role only can > create tentants and roles but cannnot change quotas or modify images and > all other actions that admin role can do. > > I read about create rules in the policy.json of each service (nova, > keystone, glance, swift) but my doubt is: How can I limit the > views/templates/urls of Horizon, I mean, I want that the role > "another-admin" can not see templates related to glance and can not see > that menu. > > Thanks in advance, > Best Regards. > > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
