Updating the RBAC goal as per new direction in zed cycle
In Zed cycle, we started collecting the operators feedback - https://etherpad.opendev.org/p/BER-2022-OPS-SRBAC - https://etherpad.opendev.org/p/rbac-operator-feedback and based on that we changed the direction for RBAC goal: 1. Finish delivering project personas. This is to introduce the member and reader roles to operate things within their project. By default, any other project role like foo will not be allowed to do anything in the project. 2. Change in scope implementation. Services with project resources (except Ironic as they have user using the system scope) that have already implemented scope (or have yet to) should make all policy rules set scope_types=['project']. Discussion reference for policy popup team - https://etherpad.opendev.org/p/rbac-zed-ptg#L171 Change-Id: If7b052149df3f37f2173e6719c8c6d0d81787cc7
This commit is contained in:
parent
a7bb68f83b
commit
1909d4f7a0