Public bug reported: Listing deleted instances is admin only, but it's not clear why non- admins can't list deleted instances in their own project/tenant. This should be policy driven so that non-admins can list the deleted instances in their project.
I'm not exactly sure where this is enforced in the code, however. It doesn't fail, it just doesn't return anything: stack@archive:~/devstack$ nova list --deleted +----+------+--------+------------+-------------+----------+ | ID | Name | Status | Task State | Power State | Networks | +----+------+--------+------------+-------------+----------+ +----+------+--------+------------+-------------+----------+ This is slightly different but very explicit: https://github.com/openstack/nova/blob/12.0.0/nova/api/openstack/compute/servers.py#L335-L340 Results in: stack@archive:~/devstack$ nova list --deleted --status 'deleted' ERROR (Forbidden): Only administrators may list deleted instances (HTTP 403) (Request-ID: req-fb8ed625-2f2d-45ff-87cd-b5571cdf1dac) ** Affects: nova Importance: Wishlist Status: Invalid ** Tags: api rfe ** Description changed: Listing deleted instances is admin only, but it's not clear why non- admins can't list deleted instances in their own project/tenant. This should be policy driven so that non-admins can list the deleted instances in their project. + + I'm not exactly sure where this is enforced in the code, however. It + doesn't fail, it just doesn't return anything: + + stack@archive:~/devstack$ nova list --deleted + +----+------+--------+------------+-------------+----------+ + | ID | Name | Status | Task State | Power State | Networks | + +----+------+--------+------------+-------------+----------+ + +----+------+--------+------------+-------------+----------+ + + + This is slightly different but very explicit: + + https://github.com/openstack/nova/blob/12.0.0/nova/api/openstack/compute/servers.py#L335-L340 + + Results in: + + stack@archive:~/devstack$ nova list --deleted --status 'deleted' + ERROR (Forbidden): Only administrators may list deleted instances (HTTP 403) (Request-ID: req-fb8ed625-2f2d-45ff-87cd-b5571cdf1dac) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1518436 Title: RFE: non-admins should be able to get their deleted instances Status in OpenStack Compute (nova): Invalid Bug description: Listing deleted instances is admin only, but it's not clear why non- admins can't list deleted instances in their own project/tenant. This should be policy driven so that non-admins can list the deleted instances in their project. I'm not exactly sure where this is enforced in the code, however. It doesn't fail, it just doesn't return anything: stack@archive:~/devstack$ nova list --deleted +----+------+--------+------------+-------------+----------+ | ID | Name | Status | Task State | Power State | Networks | +----+------+--------+------------+-------------+----------+ +----+------+--------+------------+-------------+----------+ This is slightly different but very explicit: https://github.com/openstack/nova/blob/12.0.0/nova/api/openstack/compute/servers.py#L335-L340 Results in: stack@archive:~/devstack$ nova list --deleted --status 'deleted' ERROR (Forbidden): Only administrators may list deleted instances (HTTP 403) (Request-ID: req-fb8ed625-2f2d-45ff-87cd-b5571cdf1dac) To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1518436/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
