[Openstack-operators] User_id Based Policy Enforcement

2017-01-14 Thread Hamza Achi
Hello, According to this Nova-spec of Newton release [1], user_id:%(user_id)s syntax should work to constrain some operations to user_id instead of project_id, like deleting and rebuilding VMs. But it is not working: users within the same project can delete, rebuild... the VMs of each other. i

Re: [Openstack-operators] What would you like in Pike?

2017-01-14 Thread Joshua Harlow
I'll add a couple: Cascading deletes, i.e. when a tenant/project/user is removed from keystone there should be some way to say deny that request if that tenant/project/user has active resources or there should be a way to cascade that delete through the rest of those resources (so they are dele

Re: [Openstack-operators] What would you like in Pike?

2017-01-14 Thread Tim Bell
There are a couple of items which have not been able to make it to the top priority for recent releases which would greatly simplify our day to day work with the users and make the cloud more flexible. The background use cases are described in https://openstack-in-production.blogspot.fr/2016/04