04003d7c51
Currently Cinder makes all requests to other services (Nova, Swift, etc.) with current user context. Sometimes Cinder needs privileged rights for external queries (e.g. asking Nova where an instance is hosted); there is no way to do it yet. This patch adds to ability to configure an account with special rights in the configuration ('os_privileged_user_name', 'os_privileged_user_password' and 'os_privileged_user_tenant' options). Then, requests that need special permissions can be achieved by creating a client(privileged_user=True). Note: This user does not necessarily need to have an admin role associated with it. For instance, policies can be changed to allow a specific user (without any roles) to perform special actions. DocImpact: New configuration options to set a privileged user account Change-Id: I61d8a6de1c5db5ee2ecce124997f9b6447b04e47 |
||
---|---|---|
.. | ||
__init__.py | ||
nova.py |