Hi,
I have setup rocky release at my openstack lab, now all of tenant (user)
can see non-public glance image create by another tenant (user)
here is my glance policy.json :
> {
> "context_is_admin": "role:admin",
> "default": "role:admin",
> "add_image": "",
> "delete_image": "",
> "get_image": "",
> "get_images": "",
> "modify_image": "",
> "publicize_image": "role:admin",
> "communitize_image": "",
> "copy_from": "",
> "download_image": "",
> "upload_image": "",
> "delete_image_location": "",
> "get_image_location": "",
> "set_image_location": "",
> "add_member": "",
> "delete_member": "",
> "get_member": "",
> "get_members": "",
> "modify_member": "",
> "manage_image_cache": "role:admin",
> "get_task": "",
> "get_tasks": "",
> "add_task": "",
> "modify_task": "",
> "tasks_api_access": "role:admin",
> "deactivate": "",
> "reactivate": "",
> "get_metadef_namespace": "",
> "get_metadef_namespaces":"",
> "modify_metadef_namespace":"",
> "add_metadef_namespace":"",
> "get_metadef_object":"",
> "get_metadef_objects":"",
> "modify_metadef_object":"",
> "add_metadef_object":"",
> "list_metadef_resource_types":"",
> "get_metadef_resource_type":"",
> "add_metadef_resource_type_association":"",
> "get_metadef_property":"",
> "get_metadef_properties":"",
> "modify_metadef_property":"",
> "add_metadef_property":"",
> "get_metadef_tag":"",
> "get_metadef_tags":"",
> "modify_metadef_tag":"",
> "add_metadef_tag":"",
> "add_metadef_tags":""
> }
any advice how to fix this ?
--
Cheers,
[image: --]
Adhi Priharmanto
[image: http://]about.me/a_dhi
<http://about.me/a_dhi?promo=email_sig>
I have setup rocky release at my openstack lab, now all of tenant (user)
can see non-public glance image create by another tenant (user)
here is my glance policy.json :
> {
> "context_is_admin": "role:admin",
> "default": "role:admin",
> "add_image": "",
> "delete_image": "",
> "get_image": "",
> "get_images": "",
> "modify_image": "",
> "publicize_image": "role:admin",
> "communitize_image": "",
> "copy_from": "",
> "download_image": "",
> "upload_image": "",
> "delete_image_location": "",
> "get_image_location": "",
> "set_image_location": "",
> "add_member": "",
> "delete_member": "",
> "get_member": "",
> "get_members": "",
> "modify_member": "",
> "manage_image_cache": "role:admin",
> "get_task": "",
> "get_tasks": "",
> "add_task": "",
> "modify_task": "",
> "tasks_api_access": "role:admin",
> "deactivate": "",
> "reactivate": "",
> "get_metadef_namespace": "",
> "get_metadef_namespaces":"",
> "modify_metadef_namespace":"",
> "add_metadef_namespace":"",
> "get_metadef_object":"",
> "get_metadef_objects":"",
> "modify_metadef_object":"",
> "add_metadef_object":"",
> "list_metadef_resource_types":"",
> "get_metadef_resource_type":"",
> "add_metadef_resource_type_association":"",
> "get_metadef_property":"",
> "get_metadef_properties":"",
> "modify_metadef_property":"",
> "add_metadef_property":"",
> "get_metadef_tag":"",
> "get_metadef_tags":"",
> "modify_metadef_tag":"",
> "add_metadef_tag":"",
> "add_metadef_tags":""
> }
any advice how to fix this ?
--
Cheers,
[image: --]
Adhi Priharmanto
[image: http://]about.me/a_dhi
<http://about.me/a_dhi?promo=email_sig>
